d0zingcat/cors-anywhere
1
0
Fork 0
mirror of https://github.com/d0zingcat/cors-anywhere.git synced 2026-05-13 15:09:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Default to https for the CORS API.

Browse Source 
Heroku uses Strict Transport Security (HSTS), which forces that all
requests to *.herokuapp.com must use HSTS. However. Chrome cannot read
the CORS response after a HSTS redirect due to https://crbug.com/387198.

Since the request is going to be redirected to https anyway, the demo
and the documentation will use https by default.
This commit is contained in:
Rob Wu
2014-08-29 19:17:52 +02:00
parent 0745b894c6
commit 4343044781
2 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
demo.html
View File

@@ -64,8 +64,7 @@ textarea {
</div>
<script>
var protocol = location.protocol === 'http:' ? 'http:' : 'https:';
var cors_api_url = protocol + '//cors-anywhere.herokuapp.com/';
var cors_api_url = 'https://cors-anywhere.herokuapp.com/';
function doCORSRequest(options, printResult) {
var x = new XMLHttpRequest();
x.open(options.method, cors_api_url + options.url);