[v1.4.1] Webpack with CORS

[zallek]

When the fetched URL exposes the CORS header 'Access-Control-Allow-Origin': '*', the request fails.

A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true.

Webpack is using this lib as a http module https://github.com/substack/http-browserify. And for some reason, the lib set by default xhr.withCredentials to true.

Adding withCredentials: false on params given to http module solves the issue https://github.com/BigstickCarpet/json-schema-ref-parser/blob/v1.4.1/lib/read.js#L176

var req = protocol.get(
  {
    hostname: u.hostname,
    port: u.port,
    path: u.path,
    auth: u.auth,
    withCredentials: false,
  },
  onResponse
);

[zallek]

I created a branch on my fork https://github.com/zallek/json-schema-ref-parser/tree/bugfix/cors-webpack
commit: zallek@32c1179

But I can't create PR for your repo because I need a target branch based on v1.4.1 tag.

[JamesMessinger]

This issue is fixed in newer versions of the library. Please upgrade to the latest version, which includes many critical bug fixes, as well as many new features.