mirrors/EWF
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CORS: respect specification regarding Access-Control-Allow-Headers

Browse Source 
According to the specification, the value of the response header
Access-Control-Allow-Headers must contain at least all the values of the
request header Access-Control-Request-Headers to be considered a valid request.
Before this commit, only the Authorization value was present, which is enough
for Firefox but not for Chrome.
This should now work as expected.
This commit is contained in:
Olivier Ligot
2013-02-22 15:58:09 +01:00
parent ff57d0ecd4
commit 12404a2d5c
5 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
library/server/wsf/src/wsf_request.e
View File

@@ -958,6 +958,13 @@ feature -- HTTP_*
Result := wgi_request.http_transfer_encoding
end
http_access_control_request_headers: detachable READABLE_STRING_8
-- Indicates which headers will be used in the actual request
-- as part of the preflight request
do
Result := wgi_request.http_access_control_request_headers
end
feature -- Extra CGI environment variables
request_uri: READABLE_STRING_8