tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 63939] CORS filter incorrectly implements same/local origin check
Date Fri, 29 Nov 2019 14:08:13 GMT

--- Comment #1 from Mark Thomas <> ---
The CORS specification references RFC 6454 for the definition of the origin

RFC 6454 states that the port should only be included in serialized form (which
is the form used in the HTTP header) if the port differs from the default port.
Tomcat's same origin test is, therefore, correct in this respect.

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message