[whatwg] CORS requests for image and video elements
Glenn Maynard
glenn at zewt.org
Tue May 17 14:52:07 PDT 2011
On Tue, May 17, 2011 at 5:40 PM, Jonas Sicking <jonas at sicking.cc> wrote:
> If the "supports credentials" flag is set to false, the request will
> be made without cookies, and the server may respond with either
> "Access-Control-Allow-Origin:*" or "Access-Control-Allow-Origin:
> <origin>".
>
> I propose that the latter mode is used as it will make servers easier
> to configure as they can just add a static header to all their
> responses.
>
This could be specified, eg. <img cors> without credentials and <img
cors="credentials"> with. I don't know if there are use cases to justify
it.
--
Glenn Maynard
More information about the whatwg
mailing list