On Thu, Feb 5, 2015 at 2:23 PM, Florian Bösch <pya...@gmail.com> wrote: > 2) Clients do not apply CORS to WebSocket requests, and you're screwed, > because any change you make will break existing deployments.
We can roll out a revision to the protocol that supports some kind of CORS-like prefetching mechanism to opt into custom headers just fine I think. Just requires some set of people to do the work. -- https://annevankesteren.nl/