What is the status and plan to get CORS ready for Last Call?
I see the following related "Raised" Issues:
Reduce the length of the header names?
http://www.w3.org/2008/webapps/track/issues/89
Exposing more (~infinite) response headers
http://www.w3.org/2008/webapps/track/issues/90
confused deputy problem
http://www.w3.org/2008/webapps/track/issues/108
CORS does not define the effect of the credentials flag in
sufficient detail
http://www.w3.org/2008/webapps/track/issues/114
And the latest ED includes 3 "red block" Issues.
-Art Barstow
[CORS] http://dev.w3.org/2006/waf/access-control/
On Apr 7, 2010, at 5:54 AM, ext Anne van Kesteren wrote:
On Tue, 06 Apr 2010 22:12:33 +0200, Tyler Close
<tyler.cl...@gmail.com>
wrote:
I've uploaded a new draft of the Uniform Messaging Policy to:
http://dev.w3.org/2006/waf/UMP/
This version adopts the same redirect handling specified by CORS.
With
this change I believe there are no outstanding issues with UMP.
The latest version also includes clarifications on the use of HTTP
caching in uniform requests, as well as the prohibition of client
authenticated connections for uniform requests. Both of these changes
reflect clarifications discussed on the list.
I believe the current editor's draft of UMP reflects all feedback
received on the FPWD and is ready to proceed to Last Call.
Since this is just a superset of CORS I wonder why we need it. Are
there
any vendors considering dropping support for CORS in favor of just
supporting UMP?
--
Anne van Kesteren
http://annevankesteren.nl/