Please sign in to comment.
Default to https for the CORS API.
Heroku uses Strict Transport Security (HSTS), which forces that all requests to *.herokuapp.com must use HSTS. However. Chrome cannot read the CORS response after a HSTS redirect due to https://crbug.com/387198. Since the request is going to be redirected to https anyway, the demo and the documentation will use https by default.
- Loading branch information...