[prev in list] [next in list] [prev in thread] [next in thread]
List: whatwg
Subject: Re: [whatwg] Fetch: crossorigin="anonymous" and XMLHttpRequest
From: Jonas Sicking <jonas () sicking ! cc>
Date: 2013-03-21 6:18:08
Message-ID: CA+c2ei9SE7PcFaAM2fEyZmxPEdpkC=5MTaQFMmZO_F1kgPLrfA () mail ! gmail ! com
[Download RAW message or body]
On Wed, Mar 20, 2013 at 2:31 PM, Anne van Kesteren <annevk@annevk.nl> wrote:
> > That said, allowing both anonymous and non-anonymous requests to do
> > xhr.setRequestHeader("referer", "") might be a good idea. I.e. being
> > able to set it explicitly to the empty string.
>
> Okay.
>
> Does anonymous also mean not handling 401 by prompting the user?
I think so yes.
> What about 407?
The fact that there's a proxy that the user needs to log in to should
never be exposed to the platform I would think. Nor should the
platform be able to affect how the user interacts with such a proxy.
/ Jonas
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic