On Wed, 06 Feb 2008 02:43:14 +0100, Jonas Sicking <[EMAIL PROTECTED]> wrote:
Mark Nottingham wrote:
Comments:
* "It should not be possible to perform cross-site non-safe
operations, i.e., HTTP operations except for GET, HEAD, and OPTIONS,
without a method check requestbeing performed." -- this specifies a
solution in the requirements.
I agree the link should be removed. And I guess saying "without first
checking that the server is ok with this" might be more generic wording?
I changed it to "authorization check". I believe it was something like
that originally and it seems that my copy & paste action for rewording the
preflight request was a bit too aggrasive. I've fixed that now.
--
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
