[
https://issues.apache.org/jira/browse/CXF-3994?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benson Margulies resolved CXF-3994.
-----------------------------------
Resolution: Not A Problem
Fix Version/s: 2.5.1
This is actually a Chrome bug! It's never supposed to send these.
> CORS filter looks at too many headers
> -------------------------------------
>
> Key: CXF-3994
> URL: https://issues.apache.org/jira/browse/CXF-3994
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS
> Affects Versions: 2.5.1
> Reporter: Benson Margulies
> Assignee: Benson Margulies
> Fix For: 2.5.1
>
>
> The org.apache.cxf.jaxrs.cors.CrossOriginResourceSharingFilter should not
> look at 'agent headers' such as Origin or Cookies. Currently, it looks at
> them, and will reject a preflight one isn't listed in the list of permitted
> headers.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
