support!
--
Sincerely yours,
Valery Kotov
--
Mark Nottingham http://www.mnot.net/
On 5 Sep 2014, at 11:03 am, Anne van Kesteren ann...@annevk.nl wrote:
On Thu, Sep 4, 2014 at 11:09 PM, Mark Nottingham m...@mnot.net wrote:
Huh?
OPTIONS * isn’t exactly common, but it’s very much OK by HTTP…
Sure. It's not supported by XMLHttpRequest. If you pass * as URL
argument
by
using XMLHttpRequest class?
That is not supported. I suspect adding support for it might create a
security vulnerability for servers as it is not something they
anticipate a browser to do.
--
http://annevankesteren.nl/
--
Mark Nottingham http://www.mnot.net/
please cc me if you
want me to reply.
--
Mark Nottingham http://www.mnot.net/
.
It's totally generic.
Best regards, Julian
--
Mark Nottingham http://www.mnot.net/
URLs.
Cheers,
--
Mark Nottingham http://www.mnot.net/
that one hostname = one app; then the
scoping of and separation between apps is intuitive (e.g., fooApp.example.com,
barApp.example.com). You could even define a well-known location for the
manifest, so that people could just type the hostname in to install / view the
app...
Cheers,
--
Mark
,
--
Mark Nottingham http://www.mnot.net/
and better coordinated APIs.
If this is important to the TAG, it seems like you should add that task to
the Web Application Storage work the TAG intends to do. Agreed?
-AB
[1] http://www.w3.org/2001/tag/2011/sum10#webappstorage
--
Mark Nottingham http://www.mnot.net/
/html5/offline.html#appcache
[3] http://www.w3.org/2011/web-apps-ws/
--
Mark Nottingham http://www.mnot.net/
required.
--
Mark Nottingham http://www.mnot.net/
.,
FooAPI-Private: Bar, Boo
Cheers,
--
Mark Nottingham http://www.mnot.net/
can and can't be
set using the XMLHttpRequest API. For example, the XMLHttpRequest API
could decide that it can or cannot be used to set the Banana HTTP
header as the designers of that API see fit.
Adam
On Mon, Feb 21, 2011 at 2:38 PM, Mark Nottingham m...@mnot.net wrote:
Hello
On 22/02/2011, at 11:39 AM, Adam Barth wrote:
On Mon, Feb 21, 2011 at 3:53 PM, Mark Nottingham m...@mnot.net wrote:
Probably best to follow up here.
Yes, of course it can define the specific headers it can or cannot send.
The problem is XHR not only enumerates the headers, it also
on the registration procedure for HTTP headers.
Cheers,
--
Mark Nottingham http://www.mnot.net/
On 22/11/2010, at 7:31 PM, Jonas Sicking wrote:
On Sun, Nov 21, 2010 at 10:41 PM, Mark Nottingham m...@mnot.net wrote:
I looked at the most recent specification and noted a few things. Apologies
if these are repeats of earlier feedback, but they're still outstanding.
1) POST is listed
not, based upon past experience. We've been through
this a few times already.
Regards,
--
Mark Nottingham http://www.mnot.net/
On 23/11/2010, at 4:23 AM, Jonas Sicking wrote:
It's definitely a lot later in the spec-cycle now, but if nothing else
it's something that could be added to a version 2 of the
specification.
That's probably most realistic.
Cheers,
--
Mark Nottingham http://www.mnot.net/
- I realise that CORS is already shipping and that
implementers are unlikely to change. I just didn't want to let this draft go by
without commenting, lest someone mistake it for a good design.
Regards,
--
Mark Nottingham http://www.mnot.net/
/api.html#response-trailers-206
Cheers,
--
Mark Nottingham http://www.mnot.net/
the message is complete, or using a separate property or method if it's
felt that keeping them distinct from the normal headers is desirable. E.g.,
getResponseTrailer().
Cheers,
--
Mark Nottingham http://www.mnot.net/
client-side so
I'm thinking of simply removing client-side within CORS.
Cheers,
--
Anne van Kesteren
http://annevankesteren.nl/
--
Mark Nottingham m...@yahoo-inc.com
rule out the well-known location solution, I agree it's a very
hard problem to solve.
--
Mark Nottingham http://www.mnot.net/
On 16/06/2009, at 12:16 AM, Anne van Kesteren wrote:
On Mon, 15 Jun 2009 04:36:28 +0200, Mark Nottingham m...@mnot.net
wrote:
Content providers wanted the flexbility of not having to list
every
header in advance. Both so debugging headers and such would not
have
to be exposed
Thanks - a few replies below.
On 14/06/2009, at 10:24 PM, Anne van Kesteren wrote:
On Sun, 14 Jun 2009 03:58:31 +0200, Mark Nottingham m...@mnot.net
wrote:
As I said, I raised have raised substantive issues before:
http://lists.w3.org/Archives/Public/public-appformats/2008Jan/0226.html
/05/2009, at 5:27 PM, Mark Nottingham wrote:
*** Substantial issues
* POST as a simple method - POST is listed as a simple method
(i.e., one not requiring pre-flight) because there are already
security issues that allow an HTML browser to send cross-site POST
requests. However, other
-Allow-Credentials headers... should end in
header values because a HTTP header can contain multiple values.
--
Mark Nottingham http://www.mnot.net/
27 matches
Mail list logo