afs commented on issue #1516: URL: https://github.com/apache/jena/issues/1516#issuecomment-1239477530
Did you mean https://fetch.spec.whatwg.org/#cors-protocol-and-credentials ? A common mode of operation, and what Shiro is doing, is to do authentication with servlet filter which is insensitive to the HTTP method. How do other system handle this? I found https://stackoverflow.com/questions/60786804/apache-shiro-is-breaking-the-cors-configuration-of-my-spring-boot-restapi which is about servlet filter order. But not all CORS should be before authientication? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
