Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
So IIUC, the code for CORS was added to the middleware last May, but it was never actually activated on the OCS Share API?
That's what I understand from the discussion above, and also, I did a simple test against the API of the demo instance:
curl -I https://test:email@example.com/ocs/v1.php/apps/files_sharing/api/v1/shares
and got back no CORS headers.
(side note: there were actually some cookie headers on there which should be removed if/when switching to CORS)