mirrors/EWF
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CORS: respect specification regarding Access-Control-Allow-Headers

Browse Source 
According to the specification, the value of the response header
Access-Control-Allow-Headers must contain at least all the values of the
request header Access-Control-Request-Headers to be considered a valid request.
Before this commit, only the Authorization value was present, which is enough
for Firefox but not for Chrome.
This should now work as expected.
This commit is contained in:
Olivier Ligot
2013-02-22 15:58:09 +01:00
parent ff57d0ecd4
commit 12404a2d5c
5 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
library/server/ewsgi/specification/request/wgi_meta_names.e
View File

@@ -50,6 +50,8 @@ feature -- Access
http_transfer_encoding: STRING = "HTTP_TRANSFER_ENCODING"
http_access_control_request_headers: STRING = "HTTP_ACCESS_CONTROL_REQUEST_HEADERS"
gateway_interface: STRING = "GATEWAY_INTERFACE"
auth_type: STRING = "AUTH_TYPE"