You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We need CORS to be configurable in the Connector, especially for SPSP, but probably generally. The default should probably be */* or whatever, but we need to honor config here for proper ops deployment.
Also, see default SpringBoot functionality here - we should probably not do custom CORS if we can help it.
sappenin
changed the title
Allow CORS to be disabled on SPSP and other endpoints
Allow CORS to be configured on SPSP and other HTTP endpoints
Apr 10, 2020
This shouldn't be necessary for Xpring wallet because we aren't doing CORS calls to the connector. We used to do CORS calls to Hermes but even that is gone because wallet calls Hermes on the same domain as the wallet (for JWT cookie sharing)
We need CORS to be configurable in the Connector, especially for SPSP, but probably generally. The default should probably be
*/*
or whatever, but we need to honor config here for proper ops deployment.Also, see default SpringBoot functionality here - we should probably not do custom CORS if we can help it.
See https://spring.io/blog/2015/06/08/cors-support-in-spring-framework
The text was updated successfully, but these errors were encountered: