DefaultIsOriginAllowed should StringComparer.Ordinal be changed to StringComparer.OrdinalIgnoreCase? #2373
Labels
area-mvc
Includes: MVC, Actions and Controllers, Localization, CORS, most templates
From @benhysell on Friday, August 11, 2017 11:58:50 AM
https://github.com/aspnet/CORS/blob/8214954d5b0dafe191890da9a3de86f5b607ea69/src/Microsoft.AspNetCore.Cors/Infrastructure/CorsPolicy.cs#L161
Is the only place where string comparison is cased...should it ignore case?
Ran into an issue today where I built my own policy:
And I'm reading the configuration in from
appsettings.json
.All worked great, but I was having an odd failure with my production
appsettings.json
. Fromappsettings.json.Production
My CORS were failing.
The second I changed
"http://MyCoolProductionServer"
to lowercase everything worked as expected.I realize that I cased my server name in my
appsettings.json.Production
, my mistake...but should that comparison be case sensitive?Copied from original issue: aspnet/CORS#124
The text was updated successfully, but these errors were encountered: