Wilfred Spiegelenburg created YUNIKORN-2967:
-----------------------------------------------
Summary: Cleanup REST response headers
Key: YUNIKORN-2967
URL: https://issues.apache.org/jira/browse/YUNIKORN-2967
Project: Apache YuniKorn
Issue Type: Improvement
Components: core - common
Reporter: Wilfred Spiegelenburg
Assignee: Wilfred Spiegelenburg
The REST responses set a standard header set on all responses.
The [RFC|https://datatracker.ietf.org/doc/html/rfc7480#section-5.6] says for
CORS headers:
{code:java}
Use of the Access-Control-Allow-Credentials header field is NOT
RECOMMENDED.{code}
We set that header to TRUE, we should not do that.
All methods are part of all responses in the Access-Control-Allow-Methods list.
That is not correct, we do not support HEAD and only POST for one. We should
not set all of these methods, just the GET or POST beside the OPTIONS that is
supported.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
