Roundup Tracker - Issues


Author rouilj
Recipients marcus.priesch, rouilj
Date 2022-05-17.21:21:22
Message-id <>
First pass at implementation.

Changes from spec:

confi.ini param is allowed_api_origins (shorter name).
Origin values are space (not comma) separated and must exactly equal the origin header value. 
So is not the same as

It seems to me that these should be a case insensitive match, but the original CORS spec says 
case sensitive and the newer spec has nothing to say on it.

check_origin_header(self, api=False) renamed as is_origin_header_ok(self, api=false)

Swapped out xmlrpc parm for api param. Updated comments.

The code to handle preflight requests isn't done yet, so those items are still open.

Also until CORS preflight support is implemented for xmlrpc, I am not adding origin
filter there.

Docs updated.

changeset:   6681:ab2ed11c021e
Date User Action Args
2022-05-17 21:21:22rouiljsetmessageid: <>
2022-05-17 21:21:22rouiljsetrecipients: + rouilj, marcus.priesch
2022-05-17 21:21:22rouiljlinkissue2551205 messages
2022-05-17 21:21:22rouiljcreate