- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Tue, 04 Oct 2011 14:55:28 -0400
On 10/4/11 2:44 PM, Anne van Kesteren wrote: > On Tue, 04 Oct 2011 20:32:02 +0200, Ian Hickson <ian at hixie.ch> wrote: >> The idea is that if the server explicitly rejected the CORS request, then >> the image should not be usable at all. > > FWIW, from a CORS-perspective both scenarios are fine. CORS only cares > about whether data gets shared in the end. Displaying images involves sharing data, basically. That's why we're having to jump through all these hoops.... -Boris
Received on Tuesday, 4 October 2011 11:55:28 UTC