Uploaded image for project: 'Quarkus'
  1. Quarkus
  2. QUARKUS-3703

Log invalid CORS origin and method


      The invalid origin failing the same origin test is already logged, but there could be cases where invalid origins can not be logged, so did a minor update to log it and also did the same for the invalid method. These are only 2 cases where 403 is returned.
      Preflight requests can also fail indirectly with 200, by not including some of the expected CORS headers for allowed/exposed headers but making a correct LOG message as to whether a given header is invalid is trickier and may be misleading, for this PR I'd like to avoid it

            Unassigned Unassigned
            olubyans@redhat.com Alexey Loubyansky
            Martin Ocenas Martin Ocenas
            0 Vote for this issue
            3 Start watching this issue