Re: IE Team's Proposal for Cross Site Requests

Laurens Holst Fri, 14 Mar 2008 03:20:01 -0700

So, if I cannot set HTTP headers, how am I supposed to set an Accept header to indicate that I e.g. want to receive application/xhtml+xml, application/atom+xml, application/*rss*+xml, application/rdf+xml, etc.? Your proposal is completely unfriendly to content negotiation. Also, there are valid use cases for setting other headers.

I sincerely hope you will fix this issue by creating a blacklist of headers instead of disallowing them entirely.


~Grauw

--
Ushiko-san! Kimi wa doushite, Ushiko-san nan da!!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Laurens Holst, student, university of Utrecht, the Netherlands.
Website: www.grauw.nl. Backbase employee; www.backbase.com.

begin:vcard
fn:Laurens Holst
n:Holst;Laurens
email;internet:[EMAIL PROTECTED]
tel;cell:(+31) 06-41765048
version:2.1
end:vcard

smime.p7s
Description: S/MIME Cryptographic Signature

Re: IE Team's Proposal for Cross Site Requests

Reply via email to