It's certainly true that not every browser supports CORS. But thinking about it, is logging out via a cross-domain request even that necessary in the vast majority of cases? Same-origin violation would block the POST.
Plus it has nothing to do with using JS to submit a form.
I wasn't saying you submit a form with JavaScript, but rather that the non-JavaScript way you make a POST request is through a user-submitted form, and is therefore intended by the user as opposed to some invisible, unseen operation.
Plus it has nothing to do with using JS to submit a form.
I wasn't saying you submit a form with JavaScript, but rather that the non-JavaScript way you make a POST request is through a user-submitted form, and is therefore intended by the user as opposed to some invisible, unseen operation.