https://issues.apache.org/bugzilla/show_bug.cgi?id=57178
--- Comment #6 from Gregor Zurowski <gzurow...@apache.org> --- That is correct, the only use case would be really just supporting the current behavior. I would also prefer considering this behavior a bug and handle "null" as a valid origin (for both the default "*" case and when explicitly configured with "null" using the cors.allowed.origins parameter). I will follow up with a simplified patch without any new configuration options shortly. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
