Skip to content

fix for cross site authentication #41

merged 1 commit into from Dec 14, 2011

2 participants


When using xhr transports, "cookie" may not already be in headers for preflight request.
If request needs cookies to be set/sent, that check will result in 'Access-Control-Allow-Credentials' not being set.

Also, at least in Chrome/Firefox, setting header to value of True will result in it not being detected properly and you'll get a Credentials flag is true, but Access-Control-Allow-Credentials is not "true" error. 'Access-Control-Allow-Credentials' needs to be set to 'true'

reference socketio/

@mrjoes mrjoes merged commit cae7263 into mrjoes:master Dec 14, 2011
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.