Return-Path: 
 <dev-return-32990-apmail-couchdb-dev-archive=couchdb.apache.org@couchdb.apache.org>
X-Original-To: apmail-couchdb-dev-archive@www.apache.org
Delivered-To: apmail-couchdb-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id B56B8C276
	for <apmail-couchdb-dev-archive@www.apache.org>;
 Wed, 12 Mar 2014 16:36:03 +0000 (UTC)
Received: (qmail 59611 invoked by uid 500); 12 Mar 2014 16:35:48 -0000
Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org
Received: (qmail 59398 invoked by uid 500); 12 Mar 2014 16:35:46 -0000
Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@couchdb.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@couchdb.apache.org>
List-Post: <mailto:dev@couchdb.apache.org>
List-Id: <dev.couchdb.apache.org>
Reply-To: dev@couchdb.apache.org
Delivered-To: mailing list dev@couchdb.apache.org
Received: (qmail 59337 invoked by uid 99); 12 Mar 2014 16:35:44 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 12 Mar 2014 16:35:44 +0000
Date: Wed, 12 Mar 2014 16:35:44 +0000 (UTC)
From: "Brad Rhoads (JIRA)" <jira@apache.org>
To: dev@couchdb.apache.org
Message-ID: <JIRA.12688387.1389438773403.52134.1394642144240@arcas>
In-Reply-To: <JIRA.12688387.1389438773403@arcas>
References: <JIRA.12688387.1389438773403@arcas>
Subject: [jira] [Commented] (COUCHDB-2027) CORS should not require
 authentication on preflight OPTIONS request
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/COUCHDB-2027?page=3Dcom.atlassi=
an.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=3D13=
931950#comment-13931950 ]=20

Brad Rhoads commented on COUCHDB-2027:
--------------------------------------

My problem was solved by:

1. adding headers=3D accept, authorization, content-type, origin into [cors=
] section of local.ini // the docs were not clear to me about this
2. Adding an Authorization header in my AJAX request :

 $.ajax({
=09    type: "GET",
=09    contentType: "application/json",
=09    dataType: "json",
        url: myUrl
        beforeSend: setHeader,
        error: function (error) {
=09=09   console.log(error);
        },
        success: function (remoteAppInfo) {
=09  ...
        }
    });

    function setHeader(xhr) {
=09=09console.log("setHeader");
=09 =09xhr.setRequestHeader('Authorization',"Basic " + btoa("estanteuser:Dn=
batfydnkwadm6f"));
    }


> CORS should not require authentication on preflight OPTIONS request
> -------------------------------------------------------------------
>
>                 Key: COUCHDB-2027
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2027
>             Project: CouchDB
>          Issue Type: Bug
>          Components: HTTP Interface
>            Reporter: St=C3=A9phane Alnet
>
> The discussion in https://github.com/daleharvey/pouchdb/issues/1003 point=
s to an issue whereby CouchDB is requiring authentication for preflight OPT=
IONS message where it shouldn't.



--
This message was sent by Atlassian JIRA
(v6.2#6252)