CorsResponseFilter failure when Access-Control-Request-Headers has multiple values (MAGNOLIA-8589)

[MAGNOLIA-9123] QA Created: 28/Sep/23  Updated: 04/Oct/23  Resolved: 04/Oct/23

Status: Closed
Project: Magnolia
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Sub-task Priority: Neutral
Reporter: Anh Vu Assignee: Oanh Thai Hoang
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: 0.25d
Original Estimate: Not Specified

Template:
Date of First Response:
Sprint: DevX 47
Team: DeveloperX

 Comments   
Comment by Oanh Thai Hoang [ 04/Oct/23 ]

Config header test-header in cors of fallback and try to test with 

 

curl -k --verbose 'https://nightly.magnolia-cms.com/.rest/delivery/tours/v1' -X OPTIONS -H 'Access-Control-Request-Method: GET' -H 'Access-Control-Request-Headers: X-PINGOTHER,X-Requested-With,test-header' -H 'Origin: https://shop.komsa.local'

 

See output: 204 and test-header

* Mark bundle as not supporting multiuse
< HTTP/1.1 204 
< Date: Wed, 04 Oct 2023 03:21:52 GMT
< Connection: keep-alive
< Set-Cookie: JSESSIONID=AF88CC9EF26CA57A8156DDC5AFEF3EF6; Path=/; HttpOnly
< X-Magnolia-Registration: Registered
< Vary: Access-Control-Request-Method,Access-Control-Request-Headers
< Access-Control-Allow-Methods: GET
< Access-Control-Allow-Headers: accept,content-type,origin,test-header,x-pingother,x-requested-with
< Access-Control-Allow-Origin: *
<  
Generated at Mon Feb 12 04:38:48 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.