[help] Access-Control-Allow-Credentials: true, Access-Control-Allow-Origin cannot be *, but I did not find the corresponding implementation

If ajax wants to carry cookies when sending cross-domain requests, the withcredentials attribute of the request object must be set to true.

At this time, the server response header Access-Control-Allow-Origin cannot be * (asterisk), it must be a whitelist style, that is, which URLs must be allowed to access, except for the response header Access-Control-Allow-Origin Setting, you must also set another response header: Access-Control-Allow-Credentials: true.


```
	if c.allowCredentials {
                 // TODO：Missing settings for Access-Control-Allow-Origin, when AllowedOrigins=*
		headers.Set("Access-Control-Allow-Credentials", "true")
	}
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[help] Access-Control-Allow-Credentials: true, Access-Control-Allow-Origin cannot be *, but I did not find the corresponding implementation #117

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[help] Access-Control-Allow-Credentials: true, Access-Control-Allow-Origin cannot be *, but I did not find the corresponding implementation #117

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions