-
Notifications
You must be signed in to change notification settings - Fork 1
HTTP Security
Andres Olarte edited this page Aug 15, 2017
·
1 revision
Hit the target url with OPTIONS
request
Headers:
Access-Control-Request-Method : GET
Access-Control-Request-Headers : X-Requested-With
Origin : http://localhost:3000
Result:
Access-Control-Allow-Credentials →true
Access-Control-Allow-Headers →X-Requested-With
Access-Control-Allow-Methods →GET,HEAD,POST
Access-Control-Allow-Origin →http://localhost:3000
Access-Control-Max-Age →1800
Allow →GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control →no-cache, no-store, max-age=0, must-revalidate
Content-Length →0
Date →Tue, 15 Aug 2017 15:34:53 GMT
Expires →0
Pragma →no-cache
Vary →Origin
X-Application-Context →ShopperTrakBilling:8080
X-Content-Type-Options →nosniff
X-Frame-Options →DENY
X-XSS-Protection →1; mode=block