The cross origin request policy should be to disallow cross origin requests by default. This will make existing client code behave the same as before.
Created attachment 89451 [details] Proposed Patch Sorry for the churn, got this wrong somehow.
The commit-queue encountered the following flaky tests while processing attachment 89451 [details]: http/tests/misc/favicon-loads-with-icon-loading-override.html bug 58412 (author: alice.liu@apple.com) The commit-queue is continuing to process your patch.
Comment on attachment 89451 [details] Proposed Patch Clearing flags on attachment: 89451 Committed r83829: <http://trac.webkit.org/changeset/83829>
All reviewed patches have been landed. Closing bug.