[whatwg] AppCache feature request: An https manifest should be able to list resources from other https origins.

Michael Nordman michaeln at google.com
Fri Jan 28 14:13:55 PST 2011

On Thu, Jan 27, 2011 at 8:30 PM, Jonas Sicking <jonas at sicking.cc> wrote:
> On Thu, Jan 27, 2011 at 5:16 PM, Michael Nordman <michaeln at google.com> wrote:
>> A CORS based answer to this would work for the folks that have
>> expressed an interest in this capability to me.
>> cc'ing some other appcache implementors too... any thoughts?
> CORS has the semantics of "you're allowed to make these types of
> requests to this resource, and you're allowed to read the response
> from such requests". This is very different from what is being
> requested here as I understand it?
> So either we'd need to add more headers to CORS, or come up with some
> other header-based solution I think.
> / Jonas

Seems like CORS describes a protocol more than prescribes semantics?
Is it really necessary to build up another protocol. From the
"Specifications that enable an API to make cross-origin requests to
resources can use the algorithms defined by this specification."

More information about the whatwg mailing list