Re: [XHR] withCredentials and HTTP authentication

2013-02-12 Thread Monsur Hossain
On Tue, Feb 12, 2013 at 3:37 AM, Anne van Kesteren ann...@annevk.nl wrote: On Tue, Feb 12, 2013 at 4:24 AM, Monsur Hossain mon...@gmail.com wrote: The XHR spec defines user credentials as cookies, HTTP authentication, and client-side SSL certificates. Its not clear to me what HTTP

Re: [XHR] withCredentials and HTTP authentication

2013-02-12 Thread Monsur Hossain
On Tue, Feb 12, 2013 at 1:36 PM, Anne van Kesteren ann...@annevk.nl wrote: On Tue, Feb 12, 2013 at 7:30 PM, Monsur Hossain mon...@gmail.com wrote: On Tue, Feb 12, 2013 at 3:37 AM, Anne van Kesteren ann...@annevk.nl wrote: User credentials stored by the user agent based on a previous visit

Re: [CORS] Applying preflight cache to an entire domain?

2012-04-19 Thread Monsur Hossain
:42 +0200, Monsur Hossain mon...@gmail.com wrote: Ah thank you! I agree that url canonicalization is a difficult issue to solve. FWIW, I was envisioning something much simpler. The CORS spec makes it clear that cache lookup should be done by origin and request url. So instead of specifying a url

[CORS] Applying preflight cache to an entire domain?

2012-04-18 Thread Monsur Hossain
Hi there. The CORS spec currently indicates that the preflight cache should store preflight responses for a particular origin/request url pair. That means that multiple requests to different urls on the same domain will always trigger a preflight, even if the preflight response is exactly the same

Re: [CORS] Applying preflight cache to an entire domain?

2012-04-18 Thread Monsur Hossain
making requests to the domain. This would fit in with the current preflight caching model while still allowing some flexibility to servers implementing CORS. Thanks, Monsur On Wed, Apr 18, 2012 at 7:16 AM, Anne van Kesteren ann...@opera.com wrote: On Tue, 17 Apr 2012 23:35:16 +0200, Monsur