[whatwg] Enhancement request: change EventSource to allow cross-domain access

Anne van Kesteren annevk at opera.com
Wed Jun 22 05:47:37 PDT 2011

On Mon, 20 Jun 2011 13:14:54 +0200, Jonas Sicking <jonas at sicking.cc> wrote:
> Though possibly a safer way to think about it is that the Content-Type
> header should always be inspected to see if a preflight is needed, no
> matter if the header is set by the page or by the implementation.
> I think I like the latter approach more since it seems safer.

Bah, Content-Type sucks.

I created a new thread on public-webapps at w3.org to further discuss this  
(as well as something else I noticed):


(I already renamed "custom request headers" to "author request headers". I  
hope that will reduce some of the confusion I and others had with respect  
to Last-Event-ID and Cache-Control. I should probably add a note too at  
some point, once I find an appropriate location.)

Anne van Kesteren

More information about the whatwg mailing list