danhuawang commented on issue #7541: URL: https://github.com/apache/gravitino/issues/7541#issuecomment-3043280737
The OAuth 2.0 specification requires: According to RFC 6749, the /token endpoint must use the POST method, and parameters must be included in the request body (in application/x-www-form-urlencoded format). I copy the cURL from web browser, the high light part will cause bad request. The bad request response header has no `Access-Control-Allow-Origin`. That's why see the CORS problem. But it's side effect. <img width="780" height="429" alt="Image" src="https://github.com/user-attachments/assets/508ddf46-62be-459b-9468-1d52f2fa5611"; /> The I change the credentials parameters to the request body, the response header has the Access-Control-Allow-Origin. ``` <img width="1512" height="863" alt="Image" src="https://github.com/user-attachments/assets/3a541806-ee82-46c3-8d54-34af20f8f211"; /> ``` Can we change the request parameters to be included in the request body in UI ? I think this can fix the issue. Any comment? @jerqi @LauraXia123 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
