On Tue, 12 Jun 2012 20:38:08 +0200, Boris Zbarsky <bzbar...@mit.edu> wrote:
On 6/12/12 4:47 AM, Simon Pieters wrote:
The potentially CORS-enabled fetch algorithm ignores the state of the
crossorigin attribute when the URL is same-origin.
Hmm. On the face of it, this seems like a bug when open redirectors are
involved... Is this what UAs implement in practice?
If it redirects, it switches to CORS. However, there are some bugs in the
spec... I just filed https://www.w3.org/Bugs/Public/show_bug.cgi?id=17478
now.
http://www.whatwg.org/specs/web-apps/current-work/multipage/fetching-resources.html#cors-enabled-fetch
--
Simon Pieters
Opera Software
