On 6/12/12 4:47 AM, Simon Pieters wrote:
The potentially CORS-enabled fetch algorithm ignores the state of the crossorigin attribute when the URL is same-origin.
Hmm. On the face of it, this seems like a bug when open redirectors are involved... Is this what UAs implement in practice?
-Boris
