CORS: answer with only one allowed domain (the origin one) #9

New issue

Open

opened 2019-09-13 14:54:20 +00:00 by avernois · 0 comments

avernois commented 2019-09-13 14:54:20 +00:00 (Migrated from gitlab.com)

Copy link

"Access-Control-Allow-Origin" only accept one origin (and not a list as we currently do).

To accept multiple origin, we should set "Access-Control-Allow-Origin" with the origin of the request (if it comes from an allowed origin).

"Access-Control-Allow-Origin" only accept one origin (and not a list as we currently do). To accept multiple origin, we should set "Access-Control-Allow-Origin" with the origin of the request (if it comes from an allowed origin).

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

list_products

latest

release-1.3

14_persistence

16-server-should-return-parsable-exceptions

6-list-product-status

bis-success-and-cancel-url-could-be-set-per-request

rename-below-minimum-amount

10-success-and-cancel-url-could-be-set-per-request

release-1.2

5-remove-a-product_using-a-service

authorization_service

5-remove-a-product

5-remove-a-product_using_authorizer

add_readme

release-1.1

remove_remove_product_feature

4-add-a-way-to-redirect-to-a-specific-page-when-there-is-an-unknow-exception

2-manage-cors

1-proper-await-for-server-stop

release-1.0

type_limited_and_unlimited_product

v1.3

v1.2

v1.1

v1.0

Labels

Clear labels   

Doing

  

To Do

  

api

  

test

No labels

Doing

To Do

api

test

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

avernois/pay_what_you_want#9

No description provided.