[whatwg/fetch] fetch with request mode as no-cors is causing strict cross origin resource accessable (#994) from naveento on 2020-01-16 (public-webapps-github@w3.org from January 2020)

From: naveento <notifications@github.com>
Date: Thu, 16 Jan 2020 03:29:30 -0800
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/994@github.com>

i am using spring boot with cross origin configured for path "/getData" at "http://localhost:8080" as below
```
registry.addMapping("/getData")
     .allowedOrigins("http://localhost:4000")
           .allowedHeaders("POST, GET, OPTIONS, DELETE");
```

if i try `fetch("http://localhost:8080/getData",{mode:'no-cors'}) ` from "http://localhost:9090".
i am able to access resources. is it intended behaviour or some issue? 

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/994

Received on Thursday, 16 January 2020 11:29:36 UTC