Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wildcard is a valid Access-Control-Expose-Headers value #26113

Closed
jnfeinstein opened this issue Nov 18, 2020 · 3 comments
Closed

Wildcard is a valid Access-Control-Expose-Headers value #26113

jnfeinstein opened this issue Nov 18, 2020 · 3 comments
Assignees
@rstoyanchev
Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) status: backported An issue that has been backported to maintenance branches type: enhancement A general enhancement
Milestone
5.3.2

Comments

@jnfeinstein
Copy link

jnfeinstein commented Nov 18, 2020
edited

This check is dated. Wildcard is a valid configuration according to MDN and spec.
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged or decided on label Nov 18, 2020
@rstoyanchev rstoyanchev self-assigned this Nov 18, 2020
@rstoyanchev rstoyanchev added in: web Issues in web modules (web, webmvc, webflux, websocket) type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged or decided on labels Nov 18, 2020
@rstoyanchev rstoyanchev added this to the 5.3.2 milestone Nov 18, 2020
@rstoyanchev
Copy link
Contributor

I think it's dated more than ill-informed. The code was written a year before the spec was changed it seems https://github.com/whatwg/fetch/issues/252.

@jhoeller
Copy link
Contributor

@rstoyanchev since we have the same check in the older branches as well, I suppose this is a backport candidate? Even if it's not really a bug, depending on the impact of the fix, we could backport it as an enhancement to 5.2.x and 5.1.x at least.

@jhoeller jhoeller changed the title Wildcard is a valid exposed header value Wildcard is a valid Access-Control-Expose-Headers value Nov 18, 2020
@jnfeinstein
Copy link
Author

@rstoyanchev fixed in original description. 👍

@rstoyanchev rstoyanchev added the for: backport-to-5.2.x Marks an issue as a candidate for backport to 5.2.x label Nov 19, 2020
@spring-projects-issues spring-projects-issues added status: backported An issue that has been backported to maintenance branches and removed for: backport-to-5.2.x Marks an issue as a candidate for backport to 5.2.x labels Nov 19, 2020
Closed
@rstoyanchev rstoyanchev added the for: backport-to-5.1.x Marks an issue as a candidate for backport to 5.1.x label Nov 19, 2020
@spring-projects-issues spring-projects-issues removed the for: backport-to-5.1.x Marks an issue as a candidate for backport to 5.1.x label Nov 19, 2020
Closed
rstoyanchev added a commit that referenced this issue Nov 19, 2020
@rstoyanchev
Allow "*" for Access-Control-Expose-Headers
37bda56 
Closes gh-26113
rstoyanchev added a commit that referenced this issue Nov 19, 2020
@rstoyanchev
Allow "*" for Access-Control-Expose-Headers
3e4ba75 
Closes gh-26113
@sync-by-unito sync-by-unito bot mentioned this issue Dec 10, 2020
Merged
zx20110729 pushed a commit to zx20110729/spring-framework that referenced this issue Feb 18, 2022
@rstoyanchev @zx20110729
Allow "*" for Access-Control-Expose-Headers
798c78b 
Closes spring-projectsgh-26113
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rstoyanchev rstoyanchev

Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) status: backported An issue that has been backported to maintenance branches type: enhancement A general enhancement
Projects
None yet
Milestone
5.3.2
Development

No branches or pull requests
4 participants
@rstoyanchev @jhoeller @jnfeinstein @spring-projects-issues