Skip to content

Commit

Permalink
docs: add comment for USE-JWT-COOKIE header
Browse files Browse the repository at this point in the history
Although we may no longer need the USE-JWT-COOKIE
header, it could break ecommerce if this were
removed at this time. So, we are leaving
a comment so we'll see this in any searches, and
avoid updating for now.

Once all backends, including ecommerce, have edx-drf-extensions>=10.2.0, this could be removed.

See "[DEPR]: USE-JWT-COOKIE header" for more details:
- openedx/edx-drf-extensions#371
  • Loading branch information
robrap committed Aug 29, 2024
1 parent 0aeb26b commit 93c3cd4
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -1,6 +1,10 @@
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $cors_origin;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
{# Leaving USE-JWT-COOKIE header in place, even though this could possibly be
cleaned up. We don't want to chance breaking ecommerce. Most backends
are using edx-drf-extensions>=10.2.0, and no longer use this header.
#}
add_header 'Access-Control-Allow-Headers' 'Authorization, USE-JWT-COOKIE';
{% if edx_django_service_allow_cors_credentials %}
add_header 'Access-Control-Allow-Credentials' true;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,10 @@
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $cors_origin;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
{# Leaving USE-JWT-COOKIE header in place, even though this could possibly be
cleaned up. We don't want to chance breaking ecommerce. Most backends
are using edx-drf-extensions>=10.2.0, and no longer use this header.
#}
add_header 'Access-Control-Allow-Headers' 'Authorization, USE-JWT-COOKIE';
{% if edx_django_service_with_rendered_config_allow_cors_credentials %}
add_header 'Access-Control-Allow-Credentials' true;
Expand Down

0 comments on commit 93c3cd4

Please sign in to comment.