On Fri, Sep 24, 2010 at 12:41 AM, Anne van Kesteren wrote:
> On Thu, 23 Sep 2010 08:40:42 +0200, Vladimir Dzhuvinov
> wrote:
>>
>> The CORS draft on the other hand requires case-sensitive matching of
>> origins:
>>
>> http://www.w3.org/TR/access-control/#resource-requests
>
> It requires case-sen
>> The CORS draft on the other hand requires case-sensitive matching of
>> origins:
>>
>> http://www.w3.org/TR/access-control/#resource-requests
>
> It requires case-sensitive matching of the serialization of origins. They
> are never parsed into origins to begin with.
Does this mean that the valu
On Thu, 23 Sep 2010 08:40:42 +0200, Vladimir Dzhuvinov
wrote:
The CORS draft on the other hand requires case-sensitive matching of
origins:
http://www.w3.org/TR/access-control/#resource-requests
It requires case-sensitive matching of the serialization of origins. They
are never parsed in
Hi,
I'm writing a generic Java servlet filter to implement the current
CORS draft. I'm confused about the correct way to check if a reported
Origin is allowed by the resource's allow list.
The Origin spec, which the CORS draft refers to, implies that 2
origins are equal if they match, regardless