Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Generate cors headers without wildcards #717

Merged
merged 1 commit into from Aug 9, 2016
Merged

Generate cors headers without wildcards #717

merged 1 commit into from Aug 9, 2016

Conversation

@matteosuppo
Copy link
Contributor

@matteosuppo matteosuppo commented Aug 9, 2016

The header Access-Control-Allow-Origin doesn't accept
wildcards such as *.example.com. Therefore after the
origin has been checked as valid, the header should
contain the origin without wildcards.

For example if we got an origin such as test.example.com
and we accept origins matching *.example.com, the resulting
header will be: Access-Control-Allow-Origin: test.example.com

Fix #711

Signed-off-by: Matteo Suppo matteo.suppo@gmail.com

The header Access-Control-Allow-Origin doesn't accept
wildcards such as *.example.com. Therefore after the
origin has been checked as valid, the header should
contain the origin without wildcards.

For example if we got an origin such as test.example.com
and we accept origins matching *.example.com, the resulting
header will be: Access-Control-Allow-Origin: test.example.com

Signed-off-by: Matteo Suppo <matteo.suppo@gmail.com>
@raphael
Copy link
Member

@raphael raphael commented Aug 9, 2016

This is great! thank you.

@raphael raphael merged commit 2a6e833 into goadesign:master Aug 9, 2016
1 check passed
1 check passed
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@matteosuppo matteosuppo deleted the matteosuppo:fix_cors_711 branch Aug 9, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants