ISSUE-90

Exposing more (~infinite) response headers

State:
RAISED
Product:
CORS
Raised by:
Anne van Kesteren
Opened on:
2009-06-16
Description:
In

  http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0967.html

Mark Nottingham comments on the asymmetry of exposing the body of the response but only a tiny subset of the headers. He argues for

 * Expanding this whitelist and
 * Giving responses of resources a way to indicate which headers are ok to expose

or

 * Turning it into a blacklist

He indicated he was not satisfied deferring this issue to CORS2 and considers it a showstopper for CORS1.
Related Actions Items:
No related actions
Related emails:
  1. Re: [cors] update (oct5) (from art.barstow@nokia.com on 2009-10-05)
  2. Re: [cors] Comments on 17 March 2009 (from annevk@opera.com on 2009-09-23)
  3. Re: [cors] Review (from annevk@opera.com on 2009-06-16)
  4. ISSUE-90: Exposing more (~infinite) response headers [CORS] (from sysbot+tracker@w3.org on 2009-06-16)

Related notes:

No additional notes.

Display change log ATOM feed

Charles McCathieNevile <chaals@opera.com>, Arthur Barstow <art.barstow@nokia.com>, Chairs, Doug Schepers <schepers@w3.org>, Staff Contact
Tracker, originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: index.php,v 1.231 2009/11/16 15:00:54 dom Exp $