cubicweb #5040345 spurius CORS warning [validation pending]
On some instances, log output is littered with CORS logs such as
2014-12-11 12:14:56 - (cubicweb.web) INFO: Cross origin resource sharing failed: access-control-allow-origin is not configured
After digging around, the instance is hosted on a system whose FQDN contains uppercased letters. The issue is that web browsers automatically rewrite the host-name part of the URL in lowercased letters, thus using a different host-name than the one CubicWeb computes.
IETF's RFC 4343 says that comparison of hostnames should be case-insensitive.
There are 2 ways of solving this problem:
|closed by||#996cf2c0ec99 [config] Lowercase the FQDN we get from the OS (closes #5040345)|
|patch||[config] Lowercase the FQDN we get from the OS (closes #5040345) [applied]|