ISSUE-90: Exposing more (~infinite) response headers

Exposing more (~infinite) response headers

State:
CLOSED
Product:
HISTORICAL: CORS [this spec uses Bugzilla for Bug/Issue tracking http://tinyurl.com/Bugz-CORS]
Raised by:
Anne van Kesteren
Opened on:
2009-06-16
Description:
In

http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0967.html

Mark Nottingham comments on the asymmetry of exposing the body of the response but only a tiny subset of the headers. He argues for

* Expanding this whitelist and
* Giving responses of resources a way to indicate which headers are ok to expose

or

* Turning it into a blacklist

He indicated he was not satisfied deferring this issue to CORS2 and considers it a showstopper for CORS1.
Related Actions Items:
No related actions
Related emails:
  1. Re: ISSUE-90: Exposing more (~infinite) response headers [CORS] (from nathan@webr3.org on 2010-06-15)
  2. Re: ISSUE-90: Exposing more (~infinite) response headers [CORS] (from annevk@opera.com on 2010-06-15)
  3. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from mjs@apple.com on 2010-04-19)
  4. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from jonas@sicking.cc on 2010-04-19)
  5. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from tyler.close@gmail.com on 2010-04-19)
  6. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from jonas@sicking.cc on 2010-04-19)
  7. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from mjs@apple.com on 2010-04-19)
  8. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from tyler.close@gmail.com on 2010-04-19)
  9. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from benl@google.com on 2010-04-18)
  10. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from julian.reschke@gmx.de on 2010-04-18)
  11. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from tyler.close@gmail.com on 2010-04-14)
  12. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from tyler.close@gmail.com on 2010-04-14)
  13. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from tyler.close@gmail.com on 2010-04-14)
  14. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from tyler.close@gmail.com on 2010-04-08)
  15. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from Art.Barstow@nokia.com on 2010-04-08)
  16. Re: CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from annevk@opera.com on 2010-04-07)
  17. CORS Last Call status/plans? [Was: Re: [UMP] Request for Last Call] (from art.barstow@nokia.com on 2010-04-07)
  18. Re: [cors] update (oct5) (from art.barstow@nokia.com on 2009-10-05)
  19. Re: [cors] Comments on 17 March 2009 (from annevk@opera.com on 2009-09-23)
  20. Re: [cors] Review (from annevk@opera.com on 2009-06-16)
  21. ISSUE-90: Exposing more (~infinite) response headers [CORS] (from sysbot+tracker@w3.org on 2009-06-16)

Related notes:

Closing per June 15 2010 email.

Anne van Kesteren, 15 Jun 2010, 08:20:57

Display change log ATOM feed


Chair, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 90.html,v 1.1 2016/01/25 10:26:24 carine Exp $