wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Clarify which requests should have CORS headers

Browse source 
Spoilers: all of them.
This commit is contained in:
Travis Ralston 2018-07-04 14:30:39 -06:00
parent 67e74bd8c5
commit 0779d81e52
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
specification/client_server_api.rst
View file

@ -169,7 +169,8 @@ Web Browser Clients
It is realistic to expect that some clients will be written to be run within a It is realistic to expect that some clients will be written to be run within a
web browser or similar environment. In these cases, the homeserver should respond web browser or similar environment. In these cases, the homeserver should respond
to pre-flight requests and supply Cross-Origin Resource Sharing (CORS) headers. to pre-flight requests and supply Cross-Origin Resource Sharing (CORS) headers on
all requests.
When a client approaches the server with a pre-flight (``OPTIONS``) request, the When a client approaches the server with a pre-flight (``OPTIONS``) request, the
server should respond with the CORS headers for that route. If the route does not server should respond with the CORS headers for that route. If the route does not