flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Mclean <jus...@classsoftware.com>
Subject Re: git commit: [flex-asjs] [refs/heads/develop] - CORS security. Allow auth credentials to be passed when using cross site calls. This is required as well as setting the Access-Control-Allow-Origin header on the server.
Date Sun, 09 Apr 2017 09:54:48 GMT
Hi,

> But still it would be great to have Bead which holds it. 

Can you elaborate why you think it should be in a bead?

This fixes a security issue on the JS side in an existing component. There no PAYG cost AFAICS
and it’s not adding a new feature or something that should be optional.

If user authentication was broken in HTTPService on the AS side but worked in JS would you
think the best way to fix that was to add a bead?

Thanks,
Justin
Mime
View raw message