Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: PLINK_2.5.0.beta4
Affects Version/s: PLINK_2.5.0.beta3
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/picketlink/picketlink/pull/129

According to the W3C spec, user credentials should never be sent with preflight (OPTIONS) requests. This means that the server should respond to an OPTIONS request even if the eventual request (GET, POST, ...) is protected by Basic or Digest authentication and should not respond with a 401.

http://www.w3.org/TR/cors/#preflight-request

is related to

AEROGEAR-1243 CORS requests are blocked by Auth in controller demo

Resolved

Assignee:: Pedro Igor Craveiro

Reporter:: Kris Borchers (Inactive)

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2013/05/28 11:52 AM

Updated:: 2013/06/03 10:45 PM

Resolved:: 2013/06/03 6:29 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates