Some HTTP clients may wish to treat certain HTTP errors, for example 416
"Requested Range Not Satisfiable" errors, as non-fatal. For example, you may
initiate a download, abort it, then try to resume it using a Range request,
but it turns out that you'd already reached the end of the resource and t
On Tue, 17 Nov 2009 01:45:53 +0100, Robert O'Callahan
wrote:
This suggests that the client should expect --- and the server should
send --- CORS headers such as Access-Control-Allow-Origin:* in HTTP error
responses for "public" resources. Does that make sense? The spec seems
to be silent on
On Tue, Nov 17, 2009 at 11:14 PM, Anne van Kesteren wrote:
> On Tue, 17 Nov 2009 01:45:53 +0100, Robert O'Callahan <
> rob...@ocallahan.org> wrote:
>
>> This suggests that the client should expect --- and the server should send
>> --- CORS headers such as Access-Control-Allow-Origin:* in HTTP erro
On 11/17/2009 02:42 AM, Robert O'Callahan wrote:
It might be worth explicitly mentioning that CORS headers can (and
sometimes should) be included in error responses, perhaps with an
example of when that would make sense. Maybe I'm over-paranoid but it
just struck me (and Jeff Walden) as something