-
Bug
-
Resolution: Fixed
-
Neutral
-
None
-
None
-
-
Empty show more show less
-
Yes
-
HL & LD 34
-
2
As observed initially on MGNLREST-275, SPA developers still need to allow URI access manually, for the SPA to reach template-annotations or template-definitions endpoints.
- URI security is the one bailing out, not delivery—400s/500s emitted by REST endpoints should get proper CORS response headers anyway.
- pages-spa-rendering module should grant GET access to template-definitions endpoint for rest-anonymous by default.
Acceptance criteria
- clones
-
MGNLREST-275 Rest returning CORS error when should return 404 or 500 or not authorized.
- Closed
- relates to
-
PAGES-471 Template annotation endpoint shouldn't require permissions to website repository
- Closed
- mentioned in
-
Page Loading...