Closed
Bug 701409
Opened 13 years ago
Closed 13 years ago
Set Cross-Origin Resource Sharing on verification
Categories
(addons.mozilla.org Graveyard :: API, defect, P1)
addons.mozilla.org Graveyard
API
Tracking
(Not tracked)
RESOLVED
FIXED
6.3.4
People
(Reporter: andy+bugzilla, Unassigned)
References
Details
We need to set Cross-Origin Resource Sharing on the verification url as defined at: https://developer.mozilla.org/en/http_access_control The short version is that you add this header to the response: Access-Control-Allow-Origin: *
|
Reporter | |
Updated•13 years ago
|
Target Milestone: --- → 6.3.4
|
||
Comment 1•13 years ago
|
||
We already have a decorator for this (allowing GET requests) in apps.stats.decorators.allow_cross_site_request I don't know what the verification URL is though. If there is any question about long term affects please get security involved before patching.
|
|
Reporter | |
Comment 2•13 years ago
|
||
https://github.com/mozilla/zamboni/commit/a95695
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
Assignee | |
Updated•8 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•