URL like http://example.com:1234/ and http://example.com:1234 should treated as same origin [1]. It is not true in current implementation. We compare the CORS origin literally without normalizing the string given by user through EnableCors therefore cause CORS rejection which is difficult to find.
The schema of origin is restrictively defined hence we can normalize the user setting. Matching / Comparing origins are defined in RFC6454 [2]
[1] http://tools.ietf.org/html/rfc6454#section-4
[2] http://tools.ietf.org/html/rfc6454#section-5
The schema of origin is restrictively defined hence we can normalize the user setting. Matching / Comparing origins are defined in RFC6454 [2]
[1] http://tools.ietf.org/html/rfc6454#section-4
[2] http://tools.ietf.org/html/rfc6454#section-5