I beleive that CORS (sometimes?) uses an additional HTTP OPTIONS
request-- though I don't see that being necessary (the GET response
could return valid headers).
Has Opera implemented cross domain origin-clean images?
-Charles
On Apr 23, 2010, at 5:56 PM, "Anne van Kesteren" <ann...@opera.com>
wrote:
On Sat, 24 Apr 2010 04:04:57 +0900, Jonas Sicking <jo...@sicking.cc>
wrote:
This would require changes to both HTML and to CORS, but not too bad.
And the result is significantly better as it doesn't require the user
to get involved and decide what's safe and what's not.
What changes to CORS would be required? It is designed to make this
"just work" so if anything is wrong I'd like to know. Specifically
the "resource sharing check" is what HTML would use here.
--
Anne van Kesteren
http://annevankesteren.nl/
