|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
The problem here is you can't test with curl. A browser is different than curl since it enforces CORS. I have not found the actual part of any spec that explains this but a number of browser discussions interpret the spec as stating that sending credentials with an OPTIONS request is a security threat and they will not do it. Any bugs I have seen reporting this "issue" to Chrome and Firefox have stated that reconfiguring the server is the solution and it is not a bug.