Skip to content

Add an Access-Control-Request-Method check for CORS preflight requests [SPR-13193] #17785

New issue
New issue
Closed
Closed
Add an Access-Control-Request-Method check for CORS preflight requests [SPR-13193]#17785
Assignees
sdeleuze
Labels
in: webIssues in web modules (web, webmvc, webflux, websocket)type: enhancementA general enhancement
Milestone
4.2 RC3
@spring-projects-issues

Description

@spring-projects-issues
spring-projects-issues
opened on Jul 2, 2015

Sébastien Deleuze opened SPR-13193 and commented

Since based on CORS specification the Access-Control-Request-Method request header is mandatory for preflight requests, we should add this check to CorsUtils.isPreFlightRequest() and FrameworkServlet.doOptions() to identify them more reliably.

Referenced from: commits 8ee0e78

Metadata

Metadata

Assignees

Labels

in: webIssues in web modules (web, webmvc, webflux, websocket)type: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions