350533 – Add "Origin" to the list of allowed headers in CrossOriginFilter

Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 350533 - Add "Origin" to the list of allowed headers in CrossOriginFilter

Summary: Add "Origin" to the list of allowed headers in CrossOriginFilter

Status:	RESOLVED FIXED

Alias:	None

Product:	Jetty
Classification:	RT
Component:	server (show other bugs)
Version:	7.4.2
Hardware:	PC Linux

Importance:	P3 normal (vote)
Target Milestone:	7.2.x
Assignee:	Simone Bordet
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2011-06-28 05:25 EDT by Simone Bordet
Modified:	2011-06-28 08:08 EDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Simone Bordet

2011-06-28 05:25:45 EDT

Chrome 13 sends also "Origin" in the list of Access-Control-Request-Headers, so the current CrossOriginFilter configuration will deny the preflight request.

Comment 1 Simone Bordet

2011-06-28 08:08:53 EDT

Added "Origin" to default configuration.