Released to keep tag integrity, equivalent to v3.0.0
Earlier releases pulled
Published by mschae over 3 years ago
origin
will pass the conn
to theaccess-control-request-headers
(thanks @zhhz for the initial report andPublished by mschae almost 6 years ago
"null"
we don't set the headers at all if the origin doesn't match, as suggested by the CORS draft 7.2. Thanks to @YuLeven for initiating the discussion and @slashmili for fixing it. Since we change the return values I consider this a breaking change and released a new major version.send_preflight_response?
to false
(it's true
by default) to stop CorsPlug
sending a response to the frelight request. That way the correct headers are set but it's up to you to respond to the request downstream.Published by mschae over 6 years ago
origins
(plug: CORSPlug, origin: ~w(example1.com example2.com)
).Access-Control-Expose-Headers
now worksBoth of these have been brought to you by @jer-k - many thanks!