https://bz.apache.org/bugzilla/show_bug.cgi?id=67472
--- Comment #3 from Christopher Schultz <ch...@christopherschultz.net> ---
This seems patently incorrect to me:
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>https://another.origin.than.that.of.the.proxy</param-value>
</init-param>
Why are you only allowing an origin that does NOT go through the proxy? Isn't
the point of using the proxy, thus the cors.allowed.origins should be EXACTLY
THAT OF THE PROXY and not anything else?
Are you intending to use this setup to make requests both through the proxy and
NOT through the proxy? If so, then you should have BOTH origins in your config
and not just one.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
