Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added Cache-Control in CORs allowed headers #29

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

sebastien-roch
Copy link

Some library set this header to avoid caching, but the browser will deny the COR request with Request header field Cache-Control is not allowed by Access-Control-Allow-Headers in preflight response.

Some library set this header to avoid caching, but the browser will deny the COR request with `Request header field Cache-Control is not allowed by Access-Control-Allow-Headers in preflight response.`
@dereklieu
Copy link
Member

@sebastien-roch can you give a test case where this is happening? Which browser rejects this header?

@sebastien-roch
Copy link
Author

sebastien-roch commented Jul 3, 2017

I'm using qwest (https://github.com/pyrsmk/qwest) and this library sets a No-Cache header by default on the requests (which often makes sense for ajax requests). Any modern browser will throw the mentioned error if the response does not have the proper Access-Control-Allow-Headers value, because of CORs rules. I tested with Chrome.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants