Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CORS route-specific override can conflict with connection defaults #2840

Closed
hueniverse opened this issue Oct 14, 2015 · 0 comments
Closed

CORS route-specific override can conflict with connection defaults #2840

hueniverse opened this issue Oct 14, 2015 · 0 comments

Comments

@hueniverse
Copy link
Contributor

@hueniverse hueniverse commented Oct 14, 2015

If the connection has CORS enabled but one route has it off, and the route is not GET, the OPTIONS prefetch request will return the default CORS headers and then the actual request will go through and return no CORS headers. This defeats the purpose of turning CORS on the route.

Also, try to automate Access-Control-Allow-Methods

hueniverse added a commit that referenced this issue Oct 14, 2015
@hueniverse hueniverse self-assigned this Oct 14, 2015
hueniverse added a commit that referenced this issue Oct 15, 2015
hueniverse added a commit that referenced this issue Oct 15, 2015
hueniverse added a commit that referenced this issue Oct 16, 2015
@hueniverse hueniverse added this to the 10.5.1 milestone Oct 16, 2015
@lock lock bot locked as resolved and limited conversation to collaborators Jan 10, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant