Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] No way to remove the X-requested-with header from tm-http-request requests #8149

Open
mklauber opened this issue Apr 16, 2024 · 1 comment
Open

[BUG] No way to remove the X-requested-with header from tm-http-request requests #8149

mklauber opened this issue Apr 16, 2024 · 1 comment

Comments

@mklauber
Copy link
Contributor

Describe the bug

Due to tightly configured Access-Control-Allow-Headers headers, extraneous headers can interfere with CORS validation when hitting external APIs. In particular, I ran into an issue with the x-requested-with header not being permitted while playing with the stablehorde API described here.

Unless there's a way to disable/remove these headers, it's probably better (i.e. most flexible) to require users to set them deliberately.

Expected behavior

Only the explicitly configured headers are submitted, or there's a way to remove automatic headers

To Reproduce

No response

Screenshots

No response

TiddlyWiki Configuration

  • Version 5.3.1
  • Saving mechanism: Any

Desktop (please complete the following information):

  • OS: linux
  • Browser firefox

Additional context

#8148
@pmario
Copy link
Contributor

pmario commented Apr 16, 2024

You access the "horde api" from TW. That's interesting. I do have an internet facing horde server. Do you intend to publish some more info about that project.

I would be extremely interested.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pmario @mklauber