[Webkit-unassigned] [Bug 111008] CORS preflight with a non-200 response should be a preflight failure

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Mar 1 14:48:49 PST 2013


https://bugs.webkit.org/show_bug.cgi?id=111008





--- Comment #2 from Boris Zbarsky <bzbarsky at mit.edu>  2013-03-01 14:51:13 PST ---
Note that I think it's not worth doing the 200-only thing at this point.  I think WebKit _should_ stop accepting 5xx and 4xx preflights, however: there are no legitimate uses and it's additional attack surface.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.



More information about the webkit-unassigned mailing list