Hi guys, I'm the maintainer of the Java CORS Filter library and I'm trying to resolve an issue [1] with a developer. When Access-Control-Allow-Credentials is advertised, does it apply to the Authorization header (basic HTTP auth, OAuth, etc), or is it limited to brower cookies only? Cheers, Vladimir [1] https://bitbucket.org/thetransactioncompany/cors-filter/issue/16/ -- Vladimir Dzhuvinov <vladimir@dzhuvinov.com>Received on Friday, 10 January 2014 07:45:47 UTC
This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:04 UTC