23654 – Point out that Access-Control-Allow-Origin:* is safe for servers not behind a firewall

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 23654 - Point out that Access-Control-Allow-Origin:* is safe for servers not behind a firewall

Summary: Point out that Access-Control-Allow-Origin:* is safe for servers not behind a...

Status:	RESOLVED FIXED

Alias:	None

Product:	WHATWG
Classification:	Unclassified
Component:	Fetch (show other bugs)
Version:	unspecified
Hardware:	PC Windows 3.1

Importance:	P2 normal
Target Milestone:	Unsorted
Assignee:	Anne
QA Contact:	sideshowbarker+fetchspec

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2013-10-28 14:20 UTC by Anne
Modified:	2014-05-19 13:22 UTC (History)
CC List:	3 users (show)

See Also:

Attachments

Description Anne 2013-10-28 14:20:04 UTC

+++ This bug was initially created as a clone of Bug #14700 +++

In the eventual "How to use CORS" section point out that you can use Access-Control-Allow-Origin:* safely on servers not behind a firewall.

Comment 1 Anne 2014-05-19 13:22:05 UTC

https://github.com/whatwg/fetch/commit/a026e115be02f3d76bf2d63fbd2e70fa9091b1e5