Set response CORS headers if not already present

IdentityServer / IdentityServer3.AccessTokenValidation

OWIN Middleware to validate access tokens from IdentityServer3

Apache License 2.0

91 stars 149 forks source link

Set response CORS headers if not already present #95

Closed mderriey closed 8 years ago

mderriey commented 8 years ago

When a valid token is found in the request but the scope requirement isn't met, CORS headers are set on the response from the values of several request headers. This potentially conflicts if CORS headers were already set on the response, for example by the CORS middleware.

dnfclas commented 8 years ago

Hi @mderriey, I'm your friendly neighborhood .NET Foundation Pull Request Bot (You can call me DNFBOT). Thanks for your contribution! You've already signed the contribution license agreement. Thanks!

The agreement was validated by .NET Foundation and real humans are currently evaluating your PR.

TTYL, DNFBOT;

leastprivilege commented 8 years ago

great. thanks! but aargh - master branch ;)

mderriey commented 8 years ago

Oops, sorry.