mozilla

Revision 77581 of HTTP access control

  • Revision slug: Talk:HTTP_access_control
  • Revision title: HTTP access control
  • Revision id: 77581
  • Created:
  • Creator: Manuel Strehl
  • Is current revision? No
  • Comment error in text; 109 words added

Revision Content

If the property withCredentials is a boolean property, why do the code samples assign the string "true"? Shouldn't the code samples simply assign the boolean value true?

Access-Control-Allow-Origin is not comma separated!

It seems that the info in the article is false concerning the value of the Access-Control-Allow-Origin header. The spec says, it has to be either "*" or mirrors the exact value of the Origin header. No word about a comma separated list. Actually FF 3.5 also has this behaviour. If you throw a comma separated list onto it, it will ignore the result. Can someone with more knowledge of the internals verify this and correct the article? --Manuel Strehl 02 November 2009

Revision Source

<p>If the property withCredentials is a boolean property, why do the code samples assign the string "true"? Shouldn't the code samples simply assign the boolean value true?</p>
<h3>Access-Control-Allow-Origin is not comma separated!</h3>
<p>It seems that the info in the article is false concerning the value of the Access-Control-Allow-Origin header. The spec says, it has to be either "*" or mirrors the exact value of the Origin header. No word about a comma separated list. Actually FF 3.5 also has this behaviour. If you throw a comma separated list onto it, it will ignore the result. Can someone with more knowledge of the internals verify this and correct the article? --<a href="https://developer.mozilla.org/User:Manuel_Strehl" rel="custom nofollow">Manuel Strehl</a> 02 November 2009</p>
Revert to this revision