Closed nrutledge closed 2 years ago
The current simpleCors policy is insufficient. The headers required for pagination, etc. are not accessible in the browser with this policy.
simpleCors
Custom response headers that must be in the corsExposedHeaders list:
corsExposedHeaders
Total-Count
Accept-Ranges
Content-Range
Next-Range
The following request headers must also be allowed (may already be included in simpleCors):
Range
Authorization
Note: the other fields in the simpleCors policy appear to have good configurations, so we want to keep those as is for now.
The current
simpleCors
policy is insufficient. The headers required for pagination, etc. are not accessible in the browser with this policy.Custom response headers that must be in the
corsExposedHeaders
list:Total-Count
Accept-Ranges
Content-Range
Next-Range
The following request headers must also be allowed (may already be included in
simpleCors
):Range
Authorization
Note: the other fields in the
simpleCors
policy appear to have good configurations, so we want to keep those as is for now.