The GitHub Actions job "Tests (ARM)" on airflow.git/main has failed. Run started by GitHub user potiuk (triggered by potiuk).
Head commit for run: 70257e6968603cdfcb5d34f03e01c5c001d2075f / Jarek Potiuk <[email protected]> Reject wildcard origin in CORS config instead of toggling credentials (#67502) The Access-Control-Allow-Origin: * + Access-Control-Allow-Credentials: true combination is invalid per the CORS spec and browsers refuse to honour any response that does so. The previous fix (#66503) added an access_control_allow_credentials toggle, but allow_credentials=False would break Airflow's UI on any deployment where API and UI are on different origins, so that knob has no realistic use case. Drop the toggle, always send credentialed CORS, and fail loudly at startup with AirflowConfigException if access_control_allow_origins contains "*" so operators see the bad configuration immediately instead of debugging mysterious CORS errors in the browser. Closes #67193 (the revert is no longer needed once the underlying misconfiguration is rejected directly). Report URL: https://github.com/apache/airflow/actions/runs/26541559584 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
