Server-sent-events use this header with CORS
More importantly, it's not an author request header.
thank you for your understanding
you just stop polyfilling Server sent events with XMLHttpRequest
Ah yes, that would indeed not work without a preflight request. Is that a big problem?
Also, at this time it seems easier to get browsers to add EventSource support than to change their CORS implementations yet again.
Last-Event-ID can be setted with help of EventSource, than disconnect + redirect
can be done to make request with "Last-Event-ID" header to some other site.
or may be it is time to drop Server sent events...
and move to WebSockets
I don't understand comment 5. WebSocket is great, but quite different from EventSource and EventSource is not going away at this point.
EventSource allows to make requests with "Last-Event-ID" header without preflight.
That seems like a bug in Gecko to me. We also instruct the browser to set Referer and Origin to certain values. They're not simple either.
*** Bug 19315 has been marked as a duplicate of this bug. ***