This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
This was was cloned from bug 16574 as part of operation convergence. Originally filed: 2012-03-29 22:41:00 +0000 Original reporter: Glenn Adams <glenn@skynav.com> ================================================================================ #0 Glenn Adams 2012-03-29 22:41:58 +0000 -------------------------------------------------------------------------------- At present, HTML5 does not mandate support for [ORIGIN] in a compliant UA, which means that a UA need not transmit an Origin header; however, due to the citation of Origin header in [1] step 5, readers may misunderstand the requirements in this regard; To avoid misunderstanding, please add an informative note under the last paragraph of step 5 "For the purposes of the Origin header..." as follows (or an equivalent): Note: A user agent is not required to support [ORIGIN], which means that sending a Origin header is not required by this specification. ================================================================================
_HTTP_ isn't required, that's the only reason Origin isn't required. I've clarified the spec to say that if you implement HTTP, you have to implement the add-on bits we need like Origin and Cookies.
Checked in as WHATWG revision r7414. Check-in comment: Require Cookies and Origin if you implement HTTP. http://html5.org/tools/web-apps-tracker?from=7413&to=7414
Thanks, that does the trick.