Possible error in the "Cross-Origin Resource Sharing" specification, version "http://www.w3.org/TR/2014/REC-cors-20140116/"

# Mikko Östlund (4 days ago)

To whom it may concern,

I believe there may be an error in the "Cross-Origin Resource Sharing" specification, as of version "www.w3.org/TR/2014/REC-cors-20140116".

In subsection 6.2, step 10, there is a note reading:

"Since the list of headers can be unbounded, simply returning supported headers from Access-Control-Allow-Headers can be enough."

I believe it should read:

"Since the list of headers can be unbounded, simply returning supported headers from Access-Control-Request-Headers can be enough."

Best regards,

Mikko Östlund Stockholm, Sweden

E-mail: mikko.ostlund@gmail.com

Contact us to advertise here

Want more features?

Request early access to our private beta of readable email premium.