Thanks for the clarification, that makes sense.
A little background on why I'm thinking about this. I've been investigating
CORS performance on mobile. Mobile is a great use case for CORS since it is
mostly guaranteed to be supported (at least on iOS and Android). However,
the cost of making two
Hi there. The CORS spec currently indicates that the preflight cache should
store preflight responses for a particular origin/request url pair. That
means that multiple requests to different urls on the same domain will
always trigger a preflight, even if the preflight response is exactly the
same
On Tue, 17 Apr 2012 23:35:16 +0200, Monsur Hossain mon...@gmail.com
wrote:
Hi there. The CORS spec currently indicates that the preflight cache
should
store preflight responses for a particular origin/request url pair. That
means that multiple requests to different urls on the same domain
Ah thank you! I agree that url canonicalization is a difficult issue to
solve. FWIW, I was envisioning something much simpler. The CORS spec makes
it clear that cache lookup should be done by origin and request url. So
instead of specifying a url to this Access-Control-Policy-Path header, it
would
On Wed, 18 Apr 2012 18:34:42 +0200, Monsur Hossain mon...@gmail.com
wrote:
Ah thank you! I agree that url canonicalization is a difficult issue to
solve. FWIW, I was envisioning something much simpler. The CORS spec
makes
it clear that cache lookup should be done by origin and request url.