You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by "Artur Nowak (JIRA)" <ji...@apache.org> on 2016/07/05 09:03:11 UTC

[jira] [Commented] (COUCHDB-2027) CORS should not require authentication on preflight OPTIONS request

    [ https://issues.apache.org/jira/browse/COUCHDB-2027?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15362243#comment-15362243 ] 

Artur Nowak commented on COUCHDB-2027:
--------------------------------------

None of these solutions work for DELETE requests for {{/_session}}. Pre-flight header is sent in every case, and fails with 405.

> CORS should not require authentication on preflight OPTIONS request
> -------------------------------------------------------------------
>
>                 Key: COUCHDB-2027
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2027
>             Project: CouchDB
>          Issue Type: Bug
>          Components: HTTP Interface
>            Reporter: Stéphane Alnet
>
> The discussion in https://github.com/daleharvey/pouchdb/issues/1003 points to an issue whereby CouchDB is requiring authentication for preflight OPTIONS message where it shouldn't.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)