- From: Arthur Barstow <Art.Barstow@nokia.com>
- Date: Thu, 8 Apr 2010 08:39:23 -0400
- To: ext Anne van Kesteren <annevk@opera.com>, Tyler Close <tyler.close@gmail.com>
- Cc: public-webapps <public-webapps@w3.org>
Anne - for any of the issues you want to close, please propose a resolution with at least a 1-week review period. Tyler - do any of these CORS issues apply to UMP? -Art Barstow On Apr 7, 2010, at 10:22 AM, ext Anne van Kesteren wrote: > On Wed, 07 Apr 2010 16:06:55 +0200, Arthur Barstow > <art.barstow@nokia.com> > wrote: >> What is the status and plan to get CORS ready for Last Call? > > I've mostly been waiting to see what happens with UMP. What I've > heard so > far from various implementors is that they want to keep CORS and > add the > ability to XMLHttpRequest for credential-less requests via the > constructor. But I might be missing something. > > >> I see the following related "Raised" Issues: >> >> Reduce the length of the header names? >> http://www.w3.org/2008/webapps/track/issues/89 > > This is not possible I think. SPDY or some such should be of help > here. > Anyway, it is still open because mnot wanted some kind of official WG > decision. > > >> Exposing more (~infinite) response headers >> http://www.w3.org/2008/webapps/track/issues/90 > > I've been trying to find out which solution implementors prefer, but > without much luck so far. > > >> confused deputy problem >> http://www.w3.org/2008/webapps/track/issues/108 > > We discussed this to death. > > >> CORS does not define the effect of the credentials flag in >> sufficient >> detail >> http://www.w3.org/2008/webapps/track/issues/114 > > I defined this. > > >> And the latest ED includes 3 "red block" Issues. > > They all indicate the need for other specifications to move > forward. URL, > HTTP, and whatever specification ends up defining origin. I.e. > editorial > and should in theory not block progress. > > > -- > Anne van Kesteren > http://annevankesteren.nl/ >
Received on Thursday, 8 April 2010 12:40:35 UTC