On Fri, Jun 17, 2011 at 12:57 PM, Ian Hickson <i...@hixie.ch> wrote: > On Wed, 1 Jun 2011, ilya goberman wrote: >> >> Can EventSource be enhanced to support cross-domain requests via >> "Access-Control-Allow-Origin" header, just like it is already done for >> XHR? See >> http://en.wikipedia.org/wiki/XMLHttpRequest#Cross-domain_requests. > > Done. > > > On Wed, 1 Jun 2011, Jonas Sicking wrote: >> >> We should probably consider adding the ability to specify if you want >> the request to happen with or without credentials (and default to the >> safe option which is without credentials). > > Why?
For the same reasons that we're doing it for XHR and for <img>s. People will likely want to create even streams that are specific to a user. For example indicating that the value of a users stock portfolio has gone up or down. / Jonas