On Thu, 08 Jul 2010 03:44:03 +0200, Devdatta Akhawe <dev.akh...@gmail.com>
wrote:
It's not just implementation effort-- as I mentioned, it's potentially a
compatibility question. If you are proposing not sending cookies on any
cross-origin images (or other potential candidates for CORS), do you
have
any data about which sites that might affect?
Its not clear to me on how it would affect sites. It would be like the
user cleared his cache and made a request.
For instance, a bank site might force the user to log in again.
--
Simon Pieters
Opera Software
