On Mon, Jul 28, 2014 at 8:34 PM, Ian Hickson <i...@hixie.ch> wrote:
> What's the use case here? Why are we trying to send custom headers on a
> <link>?

E.g. for <img> and such you want to turn authentication dialogs off.
Cross-origin images can be fine, but not if they start spawning
confusing dialogs to users making them leak passwords.


Reply via email to