[ https://issues.apache.org/jira/browse/COUCHDB-2945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15174328#comment-15174328 ]
ASF subversion and git services commented on COUCHDB-2945: ---------------------------------------------------------- Commit cfbd7f7b5551ab4ec759357fe83aa6126f81250f in couchdb-couch-httpd's branch refs/heads/split_out_httpd_stack from [~iilyak] [ https://git-wip-us.apache.org/repos/asf?p=couchdb-couch-httpd.git;h=cfbd7f7 ] Use cors_config for 'credentials' setting The 'credentials' setting should be configurable per vhost. COUCHDB-2945 > CORS headers are missing for requests to _session endpoint > ---------------------------------------------------------- > > Key: COUCHDB-2945 > URL: https://issues.apache.org/jira/browse/COUCHDB-2945 > Project: CouchDB > Issue Type: Bug > Components: HTTP Interface > Reporter: ILYA > Assignee: ILYA > > CORS headers are send in > [chttpd:send_json|https://github.com/apache/couchdb-chttpd/blob/master/src/chttpd.erl#L709:L712]. > However *_session* endpoint uses *couch_http:send_json* which doesn't include > CORS specific headers (see > [here|https://github.com/apache/couchdb-couch/blob/master/src/couch_httpd.erl#L748:L752)]). -- This message was sent by Atlassian JIRA (v6.3.4#6332)