https://bz.apache.org/bugzilla/show_bug.cgi?id=51223
--- Comment #14 from Eric Covener <[email protected]> --- (In reply to rdehouss from comment #13) > Hello, > > I do face the issue as well. > > Cross domain, I fetch a resource which is cacheable and when apache respond > with 304, the CORS headers are not present and so, the browser (Firefox in > this case) alerts with: > ross-Origin Request Blocked: The Same Origin Policy disallows reading the > remote resource at http://test.com/test.json. (Reason: CORS header > 'Access-Control-Allow-Origin' does not match 'http://test.com'). > > If I do a hard refresh, I get back a status 200 and with it, the CORS > headers are well there. > > I also do send the Vary: Origin to specify that the cache should take into > account the Origin header but it does not help. > > Can the patch provided be considered? Can you share the request and response headers both on the initial uncached request and the subsequent conditional request? Based on @mnot's posts in this PR, it seems like there is yet to be a "natural" case of this being an issue documented. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
