github/reddit
1
1
Fork 0
mirror of https://github.com/reddit-archive/reddit.git synced 2026-01-28 00:07:57 -05:00
Code Issues Packages Projects Releases Wiki Activity

Do not 403 CORS requests with non-allowed origin.

Browse Source
This commit is contained in:
Max Goodman
2011-10-06 19:41:30 -07:00
parent 3752c677ca
commit 575b3bd8df
1 changed files with 0 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
r2/r2/controllers/reddit_base.py
View File

@@ -664,8 +664,6 @@ class MinimalController(BaseController):
response.headers["Access-Control-Allow-Origin"] = origin
if cors.get("allow_credentials"):
response.headers["Access-Control-Allow-Credentials"] = "true"
else:
self.abort403()
def OPTIONS(self):
"""Return empty responses for CORS preflight requests"""