[Bug 62419] Avoid CORS Origin echoing by default

https://bz.apache.org/bugzilla/show_bug.cgi?id=62419 --- Comment #2 from Ralf Hauser --- To easily test whether you are affected curl -vsLH "Origin: http://evil.com"; https://yourdomain.tld/ 2>&1 | grep -i access-control If you see "evil", then you are, if you see "*" you are not. -- You a

[Bug 62419] Avoid CORS Origin echoing by default

https://bz.apache.org/bugzilla/show_bug.cgi?id=62419 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---