ISSUE-90: Exposing more (~infinite) response headers [CORS] http://www.w3.org/2008/webapps/track/issues/90
Raised by: Anne van Kesteren On product: CORS In http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0967.html Mark Nottingham comments on the asymmetry of exposing the body of the response but only a tiny subset of the headers. He argues for * Expanding this whitelist and * Giving responses of resources a way to indicate which headers are ok to expose or * Turning it into a blacklist He indicated he was not satisfied deferring this issue to CORS2 and considers it a showstopper for CORS1.