Antonio Sargento created CXF-5598:
-------------------------------------
Summary: Header field name comparison not correct in
CrossOriginResourceSharingFilter
Key: CXF-5598
URL: https://issues.apache.org/jira/browse/CXF-5598
Project: CXF
Issue Type: Bug
Components: JAX-RS, JAX-RS Security
Affects Versions: 2.7.10
Reporter: Antonio Sargento
The CrossOriginResourceSharingFilter is not handled correctly the header field
name comparison (ex: method effectiveAllowHeaders).
On RFC 2616, "Hypertext Transfer Protocol -- HTTP/1.1", 4.2, "Message Headers":
{panel}
Each header field consists of a name followed by a colon (":") and the field
value. Field names are case-insensitive.
{panel}.
Even http://www.w3.org/TR/cors points that on 3. "Terminology" (ASCII
case-insensitive match).
--
This message was sent by Atlassian JIRA
(v6.2#6252)
