couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stéphane Alnet (JIRA) <j...@apache.org>
Subject [jira] [Commented] (COUCHDB-2027) CORS should not require authentication on preflight OPTIONS request
Date Sat, 11 Jan 2014 11:16:50 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-2027?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13868740#comment-13868740
] 

Stéphane Alnet commented on COUCHDB-2027:
-----------------------------------------

The discussion on the pouchdb github references http://www.w3.org/TR/cors/#preflight-request
, specifically the line that says "Exclude user credentials" (on the client side) which points
to the server not requiring them.

> CORS should not require authentication on preflight OPTIONS request
> -------------------------------------------------------------------
>
>                 Key: COUCHDB-2027
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2027
>             Project: CouchDB
>          Issue Type: Bug
>          Components: HTTP Interface
>            Reporter: Stéphane Alnet
>
> The discussion in https://github.com/daleharvey/pouchdb/issues/1003 points to an issue
whereby CouchDB is requiring authentication for preflight OPTIONS message where it shouldn't.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message