Skip to content

feat(runtime): add CORS headers to OPTIONS requests to assets #141

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 16, 2020
Merged

feat(runtime): add CORS headers to OPTIONS requests to assets #141

merged 3 commits into from
Jun 16, 2020

Conversation

@philnash
Copy link
Contributor

@philnash philnash commented Jun 9, 2020

Fixes #107.

I checked and when you make an OPTIONS request to an asset you get these CORS headers:

access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: ETag
access-control-max-age: 86400
access-control-allow-credentials: true

But you don't get those headers for other requests.

Contributing to Twilio

All third-party contributors acknowledge that any contributions they provide will be made under the same open-source license that the open-source project is provided under.

  • I acknowledge that all my contributions will be made under the project's license.

@philnash philnash changed the title Adds CORS headers to OPTIONS requests to assets. feat(runtime): add CORS headers to OPTIONS requests to assets Jun 9, 2020
@philnash philnash requested a review from dkundel June 12, 2020 01:24
dkundel
dkundel suggested changes Jun 15, 2020
View reviewed changes
@philnash philnash requested a review from dkundel June 16, 2020 00:32
@dkundel dkundel merged commit 46fffa0 into twilio-labs:master Jun 16, 2020
@twilio-product-security twilio-product-security mentioned this pull request Jun 24, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@dkundel dkundel dkundel approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Improvement: CORS headers

2 participants

@philnash @dkundel