You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Benson Margulies (Resolved) (JIRA)" <ji...@apache.org> on 2011/12/22 03:39:30 UTC

[jira] [Resolved] (CXF-3994) CORS filter looks at too many headers

     [ https://issues.apache.org/jira/browse/CXF-3994?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Benson Margulies resolved CXF-3994.
-----------------------------------

       Resolution: Not A Problem
    Fix Version/s: 2.5.1

This is actually a Chrome bug! It's never supposed to send these.
                
> CORS filter looks at too many headers
> -------------------------------------
>
>                 Key: CXF-3994
>                 URL: https://issues.apache.org/jira/browse/CXF-3994
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS
>    Affects Versions: 2.5.1
>            Reporter: Benson Margulies
>            Assignee: Benson Margulies
>             Fix For: 2.5.1
>
>
> The org.apache.cxf.jaxrs.cors.CrossOriginResourceSharingFilter should not look at 'agent headers' such as Origin or Cookies. Currently, it looks at them, and will reject a preflight one isn't listed in the list of permitted headers.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira