On Tue, Feb 12, 2013 at 8:00 PM, Anne van Kesteren <ann...@annevk.nl> wrote:
> Hmm I see what you mean. But the user agent can provide the
> Authorization header too based on a previous visit. That is the
> meaning that is most often meant, but in the particular case of CORS
> the semantics are subtly different. Not sure how to clarify that
> exactly.

Filed https://www.w3.org/Bugs/Public/show_bug.cgi?id=21013


Reply via email to