[Bug 57724] CorsFilter does not work correctly if the "origin" has the same value with the "host"

bugzilla Wed, 18 Mar 2015 08:35:51 -0700

https://bz.apache.org/bugzilla/show_bug.cgi?id=57724


Mark Thomas <ma...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 OS|                            |All
         Resolution|---                         |INVALID
             Status|NEW                         |RESOLVED

--- Comment #2 from Mark Thomas <ma...@apache.org> ---
If the client sends the origin header then the server has to treat it as a CORS
request. I don't see any scope in the CORS spec for the behaviour you are
requesting.

I do wonder why Chrome is adding the origin header but that is a question for
Chrome.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57724] CorsFilter does not work correctly if the "origin" has the same value with the "host"

Reply via email to