Anne - for any of the issues you want to close, please propose a
resolution with at least a 1-week review period.
Tyler - do any of these CORS issues apply to UMP?
-Art Barstow
On Apr 7, 2010, at 10:22 AM, ext Anne van Kesteren wrote:
On Wed, 07 Apr 2010 16:06:55 +0200, Arthur Barstow
<art.bars...@nokia.com>
wrote:
What is the status and plan to get CORS ready for Last Call?
I've mostly been waiting to see what happens with UMP. What I've
heard so
far from various implementors is that they want to keep CORS and
add the
ability to XMLHttpRequest for credential-less requests via the
constructor. But I might be missing something.
I see the following related "Raised" Issues:
Reduce the length of the header names?
http://www.w3.org/2008/webapps/track/issues/89
This is not possible I think. SPDY or some such should be of help
here.
Anyway, it is still open because mnot wanted some kind of official WG
decision.
Exposing more (~infinite) response headers
http://www.w3.org/2008/webapps/track/issues/90
I've been trying to find out which solution implementors prefer, but
without much luck so far.
confused deputy problem
http://www.w3.org/2008/webapps/track/issues/108
We discussed this to death.
CORS does not define the effect of the credentials flag in
sufficient
detail
http://www.w3.org/2008/webapps/track/issues/114
I defined this.
And the latest ED includes 3 "red block" Issues.
They all indicate the need for other specifications to move
forward. URL,
HTTP, and whatever specification ends up defining origin. I.e.
editorial
and should in theory not block progress.
--
Anne van Kesteren
http://annevankesteren.nl/