[wp-trac] [WordPress Trac] #43428: Improve CORS headers sent to REST Api requests
WordPress Trac
noreply at wordpress.org
Wed Mar 28 11:47:14 UTC 2018
#43428: Improve CORS headers sent to REST Api requests
-------------------------+------------------------------------
Reporter: andrei.igna | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: trunk
Severity: normal | Resolution:
Keywords: | Focuses: rest-api, performance
-------------------------+------------------------------------
Comment (by andrei.igna):
Yes, there seems to be a small mistake on MDN docs about this. Probably
will be updated shortly there too
`OPTIONS` can be added in [https://developer.mozilla.org/en-
US/docs/Web/HTTP/Headers/Allow Allow response header] to let the client
know this method is available, but is unnecessary in `Access-Control-
Allow-Headers`
`Access-Control-Allow-Headers` is a response header found only in
`OPTIONS` requests, so it can't say that it allows itself after the
request has been served
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43428#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list