Nathan Korth created COUCHDB-2292:
-------------------------------------
Summary: Using rewrites results in duplicate CORS header
Key: COUCHDB-2292
URL: https://issues.apache.org/jira/browse/COUCHDB-2292
Project: CouchDB
Issue Type: Bug
Security Level: public (Regular issues)
Components: HTTP Interface
Reporter: Nathan Korth
I have configured my Couch instance to allow cross-origin requests from
localhost:8080 using the following snippet of local.ini:
{code}
[httpd]
enable_cors = true
[cors]
origins = http://localhost:8080
{code}
When I make requests for normal views, Couch sends the
Access-Control-Allow-Origin header as expected, and everything works. However,
I also have a simple rewrite that points to a view, and when I request the
rewrite (which does work outside of a browser), I get a header that looks like
this:
{code}
Access-Control-Allow-Origin: http://localhost:8080, http://localhost:8080
{code}
This causes Chrome to complain with the following error:
{code}
XMLHttpRequest cannot load http://my-couch-instance/rewrite-base/rewrite. The
'Access-Control-Allow-Origin' header contains multiple values
'http://localhost:8080, http://localhost:8080', but only one is allowed. Origin
'http://localhost:8080' is therefore not allowed access.
{code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
