Closed mklauber closed 3 months ago
You access the "horde api" from TW. That's interesting. I do have an internet facing horde server. Do you intend to publish some more info about that project.
I would be extremely interested.
Resolved in https://github.com/Jermolene/TiddlyWiki5/pull/8152, @mklauber @Jermolene this issue should be closed.
Thanks @saqimtiaz
Describe the bug
Due to tightly configured Access-Control-Allow-Headers headers, extraneous headers can interfere with CORS validation when hitting external APIs. In particular, I ran into an issue with the x-requested-with header not being permitted while playing with the stablehorde API described here.
Unless there's a way to disable/remove these headers, it's probably better (i.e. most flexible) to require users to set them deliberately.
Expected behavior
Only the explicitly configured headers are submitted, or there's a way to remove automatic headers
To Reproduce
No response
Screenshots
No response
TiddlyWiki Configuration
Desktop (please complete the following information):
Additional context
https://github.com/Jermolene/TiddlyWiki5/pull/8148