You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Then the OPTIONS endpoint will say that both POST and GET are allowed, even though only the latter is. It won't return CORS headers from the POST endpoint, but still may mislead browsers.
If you do this:
Then the
OPTIONS
endpoint will say that bothPOST
andGET
are allowed, even though only the latter is. It won't return CORS headers from thePOST
endpoint, but still may mislead browsers.It's also funky in that this does work:
We should keep track of the methods for each path, not just slurp up every defined method at a path.
The text was updated successfully, but these errors were encountered: