Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-8563

CorsResponseFilter may add additional value for Access-Control-Allow-Origin causing request errors

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Neutral Neutral
    • 6.3.0, 6.2.26
    • None
    • None

      Steps to reproduce

      1. Add AddHeadersFilter before cors filter
      2. Add Access-Control-Allow-Origin header with some value
      3. Set headers in the cors filter or in site
      4. Make request to trigger cors error

      Expected results

      1. No error in making the request

      Actual results

      1. Error because multiple values are set for Access-Control-Allow-Origin

      Workaround

      Development notes

      1. Change addHeader to setHeader in CorsResponseFilter#addStandardHeaders for Access-Control-Allow-Origin

        Acceptance criteria

          1.
          		 Implementation Sub-task Completed Marek Strucka
          2.
          		 Review Sub-task Completed Jaroslav Simak
          3.
          		 PiQA Sub-task Completed Milan Divilek
          4.
          		 QA Sub-task Completed Jaroslav Simak

              mstrucka Marek Strucka
              jsimak Jaroslav Simak
              DeveloperX
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Bug DoR
                  Task DoD