[whatwg] Enhancement request: change EventSource to allow cross-domain access

Jonas Sicking jonas at sicking.cc
Fri Jun 17 14:09:40 PDT 2011

On Fri, Jun 17, 2011 at 12:57 PM, Ian Hickson <ian at hixie.ch> wrote:
> On Wed, 1 Jun 2011, ilya goberman wrote:
>> Can EventSource be enhanced to support cross-domain requests via
>> "Access-Control-Allow-Origin" header, just like it is already done for
>> XHR? See
>> http://en.wikipedia.org/wiki/XMLHttpRequest#Cross-domain_requests.
> Done.
> On Wed, 1 Jun 2011, Jonas Sicking wrote:
>> We should probably consider adding the ability to specify if you want
>> the request to happen with or without credentials (and default to the
>> safe option which is without credentials).
> Why?

For the same reasons that we're doing it for XHR and for <img>s.
People will likely want to create even streams that are specific to a
user. For example indicating that the value of a users stock portfolio
has gone up or down.

/ Jonas

More information about the whatwg mailing list