cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From K Fung <kfung4...@gmail.com>
Subject Re: CORS
Date Sat, 12 Nov 2011 07:35:12 GMT
Hello,

Are there any plans to expand this code so that covers both 5.1 and 5.2 of
the CORS specification (http://www.w3.org/TR/cors?) In particular,

- Not blocking the request of it's an OPTIONS request but doesn't contain
the Origin header
- What if the request doesn't contain OPTIONS but does contain the Origin
header (section 5.1 of the spec)
- Adding support for Access-Control-Allow-Credentials (section 5.2 of the
spec, step 7)
- Adding support for Access-Control-Max-Age (section 5.2 of the spec, step
8)

Cheers,
kl

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message