Closed Bug 988831 Opened 9 years ago Closed 9 years ago
Enable CORS for all routes and allow credentials
Because of bug 966216 we cannot use SystemXHR to relax the same-origin XHR restrictions for the Gaia Loop client until the server stops using cookies to authenticate users, so we need CORS enabled for all routes in the server. We have a white list of allowed origins in the server so I can't think about any reason not to do this.
Hi, thanks for opening this. I wonder what would be the origin for requests coming from the phone, and if having CORS for all the routes would solve this?
After some quick chat, it seems to solve the problem you're mentioning, so let's do that.
Comment on attachment 8397856 [details] [review] v1 Thanks, I merged it with the last changes you did. https://github.com/mozilla-services/loop-server/commit /b8d17bf34c0cdba4e238b1ef9326f121fe217131
Attachment #8397856 - Flags: review?(alexis+bugs) → review+
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Fix either went out with a previous deployment to Production or has been superceded by new code...
Status: RESOLVED → VERIFIED
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/mozilla-inbound/rev/c0be190ee52a support memory mapped files in Windows. r=ehoogeveen
(In reply to Pulsebot from comment #7) > Pushed by email@example.com: > https://hg.mozilla.org/integration/mozilla-inbound/rev/c0be190ee52a > support memory mapped files in Windows. r=ehoogeveen This is bug 988813
You need to log in before you can comment on or make changes to this bug.