httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 51223] 304 HTTP Not Modified strips out CORS headers
Date Mon, 16 May 2016 14:29:44 GMT

--- Comment #14 from Eric Covener <> ---
(In reply to rdehouss from comment #13)
> Hello,
> I do face the issue as well.
> Cross domain, I fetch a resource which is cacheable and when apache respond
> with 304, the CORS headers are not present and so, the browser (Firefox in
> this case) alerts with:
> ross-Origin Request Blocked: The Same Origin Policy disallows reading the
> remote resource at (Reason: CORS header
> 'Access-Control-Allow-Origin' does not match '').
> If I do a hard refresh, I get back a status 200 and with it, the CORS
> headers are well there.
> I also do send the Vary: Origin to specify that the cache should take into
> account the Origin header but it does not help.
> Can the patch provided be considered?

Can you share the request and response headers both on the initial uncached
request and the subsequent conditional request?  Based on @mnot's posts in this
PR, it seems like there is yet to be a "natural" case of this being an issue

You are receiving this mail because:
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message