Sat Jul 12 2014 01:10:41 UTC
It is still sometimes tempting to suggest that we drop support for the web as it is today.
Hide Search Description
14 bugs found.
ID Product Comp Assignee Status Resolution Summary Changed
14663 WebAppsS CORS annevk RESO WONT Advice on CORS and caches 2013-10-25
14664 WebAppsS CORS annevk RESO INVA Defining CORS headers 2013-10-25
14665 WebAppsS CORS annevk RESO FIXE Content-Type is not a simple header 2011-11-23
14666 WebAppsS CORS annevk RESO FIXE Be clearer about cookies and CORS 2011-11-25
14700 WebAppsS CORS annevk RESO FIXE Point out that Access-Control-Allow-Origin:* is safe for servers not behind a firewall 2013-10-25
15312 WebAppsS CORS annevk RESO WONT lowercasing requirement for Access-Control-Request-Headers harmful 2012-05-03
16434 WebAppsS CORS annevk RESO FIXE Clarify that "global unique identifier" is an alias for "null" (for all CORS-purposes) 2012-03-22
16436 WebAppsS CORS annevk RESO FIXE Resource processing: shouldn't need to split Origin string on SPACE anymore 2012-03-22
17042 WebAppsS CORS annevk RESO INVA Last-Event-ID is not a simple header 2013-10-28
17205 WebAppsS CORS annevk RESO INVA graph.Facebook.com/ladybug2007 2012-05-29
19315 WebAppsS CORS annevk RESO DUPL Last-Event-ID header should be a simple header 2013-10-28
19920 WebAppsS CORS annevk RESO INVA Don't allow space-separated origins in the syntax 2013-10-25
21012 WebAppsS CORS annevk RESO WONT Add more text on Vary 2013-10-28
21608 WebAppsS CORS annevk RESO WONT 7.2 "Resource Sharing Check" does not specify how to handle a space separated list in Access-Control-Allow-Origin 2013-10-25
14 bugs found.
  Edit Search  
as

File a new bug in the "WebAppsSec" product