Hi all,
I'm using easyXDM to talk via ajax to a REST api. This api will return status codes like 400 (invalid form submission), 403 etc.
Now the standard CORS implementation will return an error message "INVALID STATUS CODE" and not the response object (I currently rely on the alwaysTrustedOrigins variable). Now I have two questions:
- Why is the message INVALID STATUS CODE? A status code like 403 should be fine? Or is there another reason that CORS throws an error on it?
- If accesControl is enabled, the response object will no be passed back. Shouldn't there be a check for alwaysTrustedOrigins + access control at that place?
Depending on the answers I can send a PR to address the 'issues'.
Cheers!
Alexander