Design / Access-Control-Allow-Credentials (W3C TR http://www.w3.org/TR/cors)
The Access-Control-Allow-Credentials header indicates whether the response to request can be exposed when the omit credentials flag is unset. When part of the response to a preflight request it indicates that the actual request can include user credentials.
Notes: |
|
|
|