Skip to content

Avoid using $httpHeaders in environments that don't send an Origin header. #2464

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Dec 20, 2019
Merged

Avoid using $httpHeaders in environments that don't send an Origin header. #2464

merged 2 commits into from
Dec 20, 2019

Conversation

mikelehen
Copy link
Contributor

There is a backend bug (b/145624756) causing our $httpHeaders query param to be ignored if the request doesn't contain an Origin header. Via #1491 we've found that several environments can run into this issue so until the backend issue is fixed we are excluding them from using $httpHeaders. This may incur an extra CORS preflight round-trip in some cases, but this is much better than having our Authorization header get ignored.

Avoid using $httpHeaders in environments that don't send an Origin he…
1fb98cc 
…ader.

There is a backend bug (b/145624756) causing $httpHeaders to be ignored if an Origin header is not sent.  Via #1491 we've found that several environments can run into this issue so until the backend issue is fixed we are excluding them from using $httpHeaders. This may incur an extra CORS preflight round-trip in some cases, but this is much better than having our Authorization header get ignored.
wilhuff
wilhuff approved these changes Dec 20, 2019
View reviewed changes
Copy link
Contributor

@wilhuff wilhuff left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@wilhuff wilhuff assigned mikelehen and unassigned wilhuff Dec 20, 2019
@mikelehen mikelehen merged commit 984c1e4 into master Dec 20, 2019
@mikelehen mikelehen deleted the mikelehen/no-origin-header-workaround branch December 20, 2019 17:58
@ShishKabab ShishKabab mentioned this pull request Jan 6, 2020
Closed
@hsubox76 hsubox76 added this to the next milestone Jan 7, 2020
@mikelehen mikelehen mentioned this pull request Jan 14, 2020
Merged
hsubox76
hsubox76 reviewed Jan 14, 2020
View reviewed changes
Copy link
Contributor

@hsubox76 hsubox76 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Edit: Sorry, wrong PR

@firebase firebase locked and limited conversation to collaborators Jan 20, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@hsubox76 hsubox76 hsubox76 left review comments

@Feiyang1 Feiyang1 Feiyang1 approved these changes

@wilhuff wilhuff wilhuff approved these changes

@hiranya911 hiranya911 Awaiting requested review from hiranya911

Assignees

@mikelehen mikelehen

Labels
api: firestore
Projects
None yet
Milestone
7.6.2
Development

Successfully merging this pull request may close these issues.
4 participants
@mikelehen @Feiyang1 @wilhuff @hsubox76