https://bz.apache.org/bugzilla/show_bug.cgi?id=63939
--- Comment #1 from Mark Thomas <ma...@apache.org> --- The CORS specification references RFC 6454 for the definition of the origin header. RFC 6454 states that the port should only be included in serialized form (which is the form used in the HTTP header) if the port differs from the default port. Tomcat's same origin test is, therefore, correct in this respect. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
