@bz_moz If it would be useful, we can put this question and others like it on the CORS mdn page for broad input.
-
-
-
I'd love it if we had a good way to poll web developers about this sort of thing.
- 5 more replies
New conversation -
-
-
Error seems to make sense (but it likely doesn't matter, just surfacing it is a win).
-
It's already surfaced, as warning, in Firefox. Trying to decide whether to switch it to error.
- 4 more replies
New conversation -
-
-
(biased) As error for parity otherwise, devs won't find them where they expect them. They should also be console grouped as they get noisy for some sites.
-
Hmm. What does console grouping mean in terms of how they get reported? Right now we report them with "category" set to the specific type of CORS error, but I don't know what console does with the result, exactly...
- 2 more replies
New conversation -
-
-
I don't really mind as long as they're good.
-
So that is a separate question: what constitutes "good" here? The current strings Firefox uses are https://searchfox.org/mozilla-central/rev/ea63a0888d406fae720cf24f4727d87569a8cab5/dom/locales/en-US/chrome/security/security.properties#11-26 … and seem a bit too verbose and clunky to me. Still trying to decide what those should look like.
End of conversation
New conversation -
-
-
if they prevent the request from going through they should be shown as errors in my opinion
-
That's my feeling about it too. Now what about CSP violations? ;)
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.