How does the Chrome REST client work without setting the CORS header?

Question

How does the Chrome REST client work without setting the CORS header?

My server is configured to handle CORS headers. By default, the server expects the header " Origin" from client requests. But when I try with the google chrome client without setting the header 'Origin', I get a response. How it works?

My request header;

GET /delete/1.0 HTTP/1.1
Authorization:  Bearer 98b42f3eee1db4bc1dc8fca8e557f13
Content-Type: application/x-www-form-urlencoded
User-Agent: Jakarta Commons-HttpClient/3.1
Host: 127.0.0.1:5555

My response header;

HTTP/1.1 200 OK
Access-Control-Allow-Headers: authorization,Access-Control-Allow-Origin,Content-Type
Host: 127.0.0.1:5555
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Fri, 03 Oct 2014 06:45:13 GMT
Server: WSO2-PassThrough-HTTP
Transfer-Encoding: chunked

+4

rest google-chrome

Ratha Oct 3 '14 at 7:01

source share

1 answer

Pritam banerjee · Answer 1 · 2016-12-15T00:25:13+0000

This is automatically added by Chrome. If you check the headers on the side of your server, you will see that it is added using Origin.

As Chrome adds it to the backend, something can tell Google developers.

How does the Chrome REST client work without setting the CORS header?

More articles: