httpbin icon indicating copy to clipboard operation
httpbin copied to clipboard
verified publisher icon postmanlabs

Expose "WWW-Authenticate" header to CORS requests

Open reinert opened this issue 4 years ago • 0 comments

Digest auth endpoint is missing the "Access-Control-Expose-Headers: WWW-Authenticate" header in order to correctly support CORS requests. Without it, the browser doesn't allow the client to get the value of the WWW-Authenticate header.

reinert avatar Mar 30 '21 21:03 reinert