Access-Control-Allow-Headers misssing in version 2.1

Create issue
Issue #22 resolved
Former user created an issue

I get error in my ajax cross-origin request: "Request header custom-header is not allowed by Access-Control-Allow-Headers".

Filter configuration: {code} <filter> <filter-name>CORS</filter-name> <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class> <async-supported>true</async-supported> <init-param> <param-name>cors.supportedHeaders</param-name> <param-value>*</param-value> </init-param> </filter>

---- Request headers (for OPTIONS) Access-Control-Request-Method: GET Origin: http://wp.pl Access-Control-Request-Headers: custom-header

--- Response headers Status Code: 200 OK Access-Control-Allow-Methods: HEAD, POST, GET, OPTIONS Access-Control-Expose-Headers: custom-header Connection: keep-alive Content-Length: 0 Content-Type: text/plain; charset=utf-8 Vary: Origin access-control-allow-credentials: true access-control-allow-origin: http://wp.pl

--- Response Headers from version 1.9.3: Access-Control-Allow-Headers: hybris-app, hybris-tenant, hybris-roles, Content-Type Access-Control-Allow-Methods: POST, HEAD, OPTIONS, GET Connection: keep-alive Content-Length: 0 Content-Type: text/plain; charset=utf-8 Vary: Origin access-control-allow-credentials: true access-control-allow-origin: http://wp.pl

Comments (4)

  1. Log in to comment