2.1.17 Section 7.2, Resource Sharing Check
V0017
The specification states:
-
4. If the omit credentials flag is unset and the response includes zero or more than one Access-Control-Allow-Credentials header values, return fail and terminate this algorithm.
-
5. If the omit credentials flag is unset and the Access-Control-Allow-Credentials header value is not a case-sensitive match for "true", return fail and terminate this algorithm.
IE8 Mode, IE9 Mode, and IE10 Mode (All Versions)
The omit credentials flag is not supported.