dariobanfi
commented
5 years ago Or at least returning back non-standard headers from the request in the Access-Control-Allow-Headers response.
Let me know if a merge request is welcome.
Closed dariobanfi closed 5 years ago
dariobanfi
commented
5 years ago Or at least returning back non-standard headers from the request in the Access-Control-Allow-Headers response.
Let me know if a merge request is welcome.
uglyog
commented
5 years ago PR's are always welcome. I am unsure as to why those headers were chosen, but * makes sense to me.
Hi,
I'm trying to test an interaction, where the consumer sends a custom header
X-Authorization. The problem is that if I start the stub-server, with the--corsoption, the server hardcodes:Access-Control-Allow-Headers: authorization, Content-Type( see https://github.com/uglyog/pact-stub-server/blob/master/src/server.rs#L75)This causes the
OPTIONSrequest performed by the browser to fail, becauseX-Authorizationis missing.Wouldn't it make sense to hardcode instead:
Access-Control-Allow-Headers: *?