[ https://issues.apache.org/jira/browse/SLING-6946?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Georg Henzler updated SLING-6946: --------------------------------- Description: There is no reason why the HC servlet should not be allowed to be called from a webpage that was served from another domain. Hence the header {{Access-Control-Allow-Origin}} shall be added with a default value {{*}} (configurable in case it is really needed, but allowing general access as default makes sense here). Concrete Use Case: A Jenkins HTML Report that aggregates HC results from multiple sling instances. was: There is no reason why a HC servlet should not be allowed to called from a webpage that was served from another domain. Hence the header {{Access-Control-Allow-Origin}} shall be added with a default value {{*}} (configurable in case it is really needed, but allowing general access as default makes sense here). Concrete Use Case: A Jenkins HTML Report that aggregates HC results from multiple sling instances. > Make HC servlet send CORS header Access-Control-Allow-Origin > ------------------------------------------------------------ > > Key: SLING-6946 > URL: https://issues.apache.org/jira/browse/SLING-6946 > Project: Sling > Issue Type: Improvement > Components: Health Check > Reporter: Georg Henzler > Assignee: Georg Henzler > Fix For: Health Check Core 1.2.10 > > > There is no reason why the HC servlet should not be allowed to be called from > a webpage that was served from another domain. Hence the header > {{Access-Control-Allow-Origin}} shall be added with a default value {{*}} > (configurable in case it is really needed, but allowing general access as > default makes sense here). > Concrete Use Case: A Jenkins HTML Report that aggregates HC results from > multiple sling instances. -- This message was sent by Atlassian JIRA (v6.3.15#6346)