On 7 juin, 02:13, Mark Renouf <[email protected]> wrote:
> On Jun 5, 12:49 pm, Piotr Jaroszyński <[email protected]> wrote:
>
> > Security-wise I think it can match the w3 spec - at least for GETs and
> > POSTs (other methods are not supported in GWT anyway because of the
> > safari bug). The server would be required to send the access control
> > headers then, but that's a good idea anyway as it will be required
> > for the new cross site xhr anyway.
>
> Hmm. It's a shame that Safari bug is only reason for that. AFAIK it
> was fixed QUITE a while ago. We do GET/PUT/POST/HEAD/DELETE from all
> the major browsers just fine (by sub-classing RequestBuilder).
AFAICT that's not the only reason (otherwise, GData wouldn't have had
that X-HTTP-Method-Override header), there are also some firewalls and
proxies that block methods other than GET and POST (and probably HEAD
and/or OPTIONS, but at least they block PUT and DELETE)
--~--~---------~--~----~------------~-------~--~----~
http://groups.google.com/group/Google-Web-Toolkit-Contributors
-~----------~----~----~----~------~----~------~--~---
