From ed260a374f34d03b21c0b0ac6b893242eb8592eb Mon Sep 17 00:00:00 2001
From: Mohamed Dief <mdaif1332@gmail.com>
Date: Sat, 13 Feb 2021 05:49:58 +0200
Subject: [PATCH] Disable Credentials For CORs Requests.

---
 .../src/main/java/com/sismics/util/filter/CorsFilter.java       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs-web-common/src/main/java/com/sismics/util/filter/CorsFilter.java b/docs-web-common/src/main/java/com/sismics/util/filter/CorsFilter.java
index 83c0c8d64..817265d7c 100644
--- a/docs-web-common/src/main/java/com/sismics/util/filter/CorsFilter.java
+++ b/docs-web-common/src/main/java/com/sismics/util/filter/CorsFilter.java
@@ -26,7 +26,7 @@ public void doFilter(ServletRequest req, ServletResponse res, FilterChain filter
         if (EnvironmentUtil.isDevMode() && request.getHeader("origin") != null) {
             // Add CORS in dev mode
             response.addHeader("Access-Control-Allow-Origin", request.getHeader("origin"));
-            response.addHeader("Access-Control-Allow-Credentials", "true");
+            response.addHeader("Access-Control-Allow-Credentials", "false");
             response.addHeader("Access-Control-Max-Age", "3600");
             response.addHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization");
             response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");