Closed jdesrosiers closed 7 years ago
Is this still true?
Yes. I have not implemented support for setting the Access-Control-Allow-Headers
header. I have never needed to use this feature and have had no requests for it, so I don't plan on implementing it any time soon. I've kept the issue open in case anyone wants to request the feature be implemented or submit a pull request.
Is this a feature you would like to have?
I don't need it right this moment but I'd see it as a nice-to-have so that the spec was fully implemented.
That's exactly what I was thinking when I created the issue in the first place :)
+1 I also need that.
@herbertpimentel, I'll look into it, but it will be at least a few weeks before I have the time.
It's been a while, but I finally went back and added this functionality.
As far as I know, the
CorsServiceProvider
can support all features in theCORS
specification except oneAccess-Control-Allow-Headers
. It cheats by hardcoding this header*
. For this service to be complete, it needs to all the user to specify a value forAccess-Control-Allow-Headers
.