Closed AusIV closed 5 years ago
The cors library we're using used to inject:
"Access-Control-Allow-Origin: $REQUEST.ORIGIN"
Which would in turn get cached in CloudFront, preventing people on other origins from requesting the same resources.
The library has switched from responding with $REQUEST.ORIGIN to responding with "*" for other security reasons, so this should resolve our issues.
The cors library we're using used to inject:
Which would in turn get cached in CloudFront, preventing people on other origins from requesting the same resources.
The library has switched from responding with $REQUEST.ORIGIN to responding with "*" for other security reasons, so this should resolve our issues.