Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Workflow
- 1. Request full/info.json withCredentials flag set, but no credentials
- Request: No Cookie.
- Response: 302 ; ACAC:true ; ACAO: origin ; Location: degraded
- 2. Request degraded/info.json withCredentials flag set? but no credentials
- Request: No Cookie
- Response: 200 ; ACAC:true ; ACAO: origin
- 3. Request service/login withCredentials flag set, but no credentials
- Request: No control for login
- ... Magic Happens ...
- Window closes maybe having acquired a Cookie
- 4. Request full/info.json withCredentials flag set, and maybe credentials
- 4a Request: Cookie
- Response: 200 ; ACAC:true ; ACAO: origin
- 4b Request: No Cookie
- Response: 302 ; ACAC:true ; ACAO: origin
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement