Proxy injecting 'Access-Control-Allow-Credentials:' header

[dmitrizagidulin]

The proxy is injecting an Access-Control-Allow-Credentials: true header into the response, even if the original server did not return it.

For example, requesting directly:

curl -s http://melvincarvalho.com/#me -H 'Accept: text/turtle' -v

< HTTP/1.1 200 OK
< Access-Control-Allow-Origin : *
< Content-Length: 7471
< Content-Type: text/turtle

Using LDNode's proxy, note the extra header:

curl "https://localhost:8443/proxy?uri=http%3A%2F%2Fmelvincarvalho.com%2F%23me" \
 -H 'Accept: text/turtle' -vk

< HTTP/1.1 200 OK
< X-Powered-By: ldnode
< Vary: Origin
< Access-Control-Allow-Credentials: true
< Access-Control-Expose-Headers: User, Location, Link, Vary, Last-Modified, Content-Length

[nicola]

Did this 8e31c31 fix?

[dmitrizagidulin]

I think so..