[whatwg] [CORS] WebKit tainting image instead of throwing error

Anne van Kesteren annevk at opera.com
Tue Oct 4 12:14:18 PDT 2011

On Tue, 04 Oct 2011 21:06:29 +0200, Boris Zbarsky <bzbarsky at mit.edu> wrote:
> Yes; the point of specifying crossorigin is to opt in to the security  
> model we think the web _should_ have but that we can't roll out across  
> the board.  Yet.

Well, what you think it should have is not shared by me.

Anne van Kesteren

More information about the whatwg mailing list