On Mon, 04 Feb 2008 10:27:03 +0100, Jonas Sicking <[EMAIL PROTECTED]> wrote:
If I do a POST using AC to a http://example.com/form.cgi and the initial OPTIONS request forwards to http://example.org/pub/form.cgi, does that mean that the POST goes directly to the second URI?
Yes, you proposed this (although I pointed out later that this was already in the draft, though unclear):
http://lists.w3.org/Archives/Public/public-webapi/2007Jul/0042.html
That seems like a bad idea to me since it makes cross-site requests behave very different from same-site requests, rather than just differing in authorization.
I don't see what the issue is. They already behave very differently as they require a preflight OPTIONS request. Comments like these do worry me a bit about the state of your implementation though. :-(
-- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
