develop] - CORS security. Allow auth credentials to be passed when using cross site calls. This is required as well as setting the Access-Control-Allow-Origin header on the server.

Justin Mclean Sun, 09 Apr 2017 02:55:35 -0700

Hi,

> But still it would be great to have Bead which holds it.


Can you elaborate why you think it should be in a bead?

This fixes a security issue on the JS side in an existing component. There no 
PAYG cost AFAICS and it’s not adding a new feature or something that should be 
optional.

If user authentication was broken in HTTPService on the AS side but worked in 
JS would you think the best way to fix that was to add a bead?

Thanks,
Justin

Re: git commit: [flex-asjs] [refs/heads/develop] - CORS security. Allow auth credentials to be passed when using cross site calls. This is required as well as setting the Access-Control-Allow-Origin header on the server.

Reply via email to