Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix authorization header in cors #21662

merged 2 commits into from Mar 9, 2019


None yet
4 participants
Copy link

commented Mar 4, 2019


This PR allow Authorization header in cors (like X-HA-accessheader)

Related issue (if applicable): fixes #18566


  • The code change is tested and works locally.
  • Local tests pass with tox. Your PR cannot be merged unless tests pass
  • There is no commented out code in this PR.

@piitaya piitaya requested a review from home-assistant/core as a code owner Mar 4, 2019


This comment has been minimized.

Copy link

commented Mar 4, 2019

Hi @piitaya,

It seems you haven't yet signed a CLA. Please do so here.

Once you do that we will be able to review and accept this pull request.


@ghost ghost added the in progress label Mar 4, 2019


balloob approved these changes Mar 4, 2019

@homeassistant homeassistant added cla-signed and removed cla-needed labels Mar 4, 2019


This comment has been minimized.

Copy link

commented Mar 4, 2019

ok to merge when CLA signed.

Show resolved Hide resolved homeassistant/ Outdated
Show resolved Hide resolved homeassistant/components/http/ Outdated

This comment has been minimized.

Copy link

commented Mar 5, 2019

Per @fondberg 's comment, this is not correct way to resolve the problem.

See spec:

Note that even so, a CORS-preflight request never includes credentials.


This comment has been minimized.

Copy link

commented Mar 5, 2019

Oh, I misread the issue. This pull request is good, it changed Access-Control-Allow-Headers in preflight response.

@balloob balloob merged commit 4d9cf15 into home-assistant:dev Mar 9, 2019

4 checks passed

Hound No violations found. Woof!
cla-bot Everyone involved has signed the CLA
continuous-integration/travis-ci/pr The Travis CI build passed
coverage/coveralls First build on fix-auth-cors at 92.725%

@ghost ghost removed the in progress label Mar 9, 2019

mxworm added a commit to mxworm/home-assistant that referenced this pull request Mar 9, 2019

Merge branch 'dev' into current
* dev: (82 commits)
  Add ClearPass Policy Manger device tracker (home-assistant#21673)
  Better cloud check (home-assistant#21875)
  Bump quirks for ZHA and handle resulting battery % change (home-assistant#21869)
  Only commit if need. (home-assistant#21848)
  Fix authorization header in cors (home-assistant#21662)
  Introduce Entity.async_write_ha_state() to not miss state transition (home-assistant#21590)
  Fix TypeError (home-assistant#21734)
  Update to read current humidity for US Thermostats (home-assistant#21728)
  Override http.trusted_networks by auth_provider.trusted_networks (home-assistant#21844)
  mobile_app improvements (home-assistant#21607)
  Fixed a misspelling in a docstring (home-assistant#21846)
  Update dependencies to receive data on webhook callbacks (home-assistant#21838)
  Fix config entry exception in Ambient PWS (home-assistant#21836)
  Updated to pyeconet 0.0.10 (home-assistant#21837)
  fix empty TOPIC_BASE issue (home-assistant#21740)
  Synology sensor quick return if attr is null (home-assistant#21709)
  Add support for Cisco Mobility Express (home-assistant#21531)
  Log if aiohttp hits error during IndieAuth (home-assistant#21780)
  Resolve auth_store loading race condition (home-assistant#21794)
  Load logger and system_log components as soon as possible (home-assistant#21799)

@balloob balloob referenced this pull request Mar 20, 2019


0.90.0 #22216

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.