CORS is permanently on
Very minor issue, Access-Control-Allow-Origin
header is permanently present:
curl -I https://dev.flow.toolchain.ebi.ac.uk/jobs/a440a8df-b1af-48a8-9d9d-993877e3e1e8
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Dec 2018 10:07:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1690
Connection: keep-alive
Access-Control-Allow-Origin: https://wwwdev.ebi.ac.uk
It is usually the case that Access-Control-Allow-Origin
header is only present when Origin
appears on the request:
curl -I https://dev.flow.toolchain.ebi.ac.uk/jobs/a440a8df-b1af-48a8-9d9d-993877e3e1e8 -H 'Origin: https://wwwdev.ebi.ac.uk'
And if the Origin
doesn't match the Access-Control-Allow-Origin
the header doesn't includes Access-Control-Allow-Origin