bakura10
commented
8 years ago Hi,
If I remember the spec the current behaviour is the expected one. Can you please point me to the spec that shows that it's wrong?
Closed elmosgot closed 7 years ago
bakura10
commented
8 years ago Hi,
If I remember the spec the current behaviour is the expected one. Can you please point me to the spec that shows that it's wrong?
CyberLine
commented
8 years ago Chrome Browser does block this for Example ....
boesing
commented
7 years ago Here are some more informations about that issue: CORS: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true
weierophinney
commented
7 years ago Thanks, @elmosgot for the patch, and @boesing for the link explaining the background.
A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true.