Hi maverick,
First off, here's some information on Access-Control-Allow-Headers:
http://www.w3.org/TR/cors/#access-control-allow-headers-response-header
http://www.w3.org/TR/cors/#preflight-request
CORS (Cross Origin Resource Sharing) is a protocol to prevent CSRF (Cross Site Request Forgery). It sounds like you're running afoul of this somewhere along the line. In order to give you a better diagnosis however, I'll need to know more about your setup:
roschuma
First off, here's some information on Access-Control-Allow-Headers:
http://www.w3.org/TR/cors/#access-control-allow-headers-response-header
http://www.w3.org/TR/cors/#preflight-request
CORS (Cross Origin Resource Sharing) is a protocol to prevent CSRF (Cross Site Request Forgery). It sounds like you're running afoul of this somewhere along the line. In order to give you a better diagnosis however, I'll need to know more about your setup:
- Where's the server and what is its domain name (or ip address)?
- What's the request being made?
- What is the page making the request (if using javascript)?
-
What is the code using casablanca? If possible, please post a fully compilable snippet.
roschuma