- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Mon, 22 Apr 2013 11:56:13 +0100
- To: "Pellerin, Clement" <Clement_Pellerin@ibi.com>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
On Tue, Apr 16, 2013 at 8:30 PM, Pellerin, Clement <Clement_Pellerin@ibi.com> wrote: >> On Tue, Apr 16, 2013 at 7:58 PM, Anne van Kesteren wrote: >> > What should the value of the Allow header be in the response to a CORS preflight request? >> > Is the Allow header mandatory, optional, forbidden, ignored? >> >> Ignored. > > Should this be mentioned explicitly in the specification, at least in a non-normative way? I filed https://www.w3.org/Bugs/Public/show_bug.cgi?id=21764 on http://fetch.spec.whatwg.org/ which will replace CORS in due course to consider this. -- http://annevankesteren.nl/
Received on Monday, 22 April 2013 10:56:40 UTC