Chris/0

@AkhtarAmir Yes, I am still facing it. If you mean #917, that’s about when the problem began, even.

@amulroney-del Ack! That PR was meant to tag #936. Apologies. I'll see about correcting that now.

It's too hard to rebase against a year and a half of changes. I'm declaring bankruptcy. I will restart the work against the latest `master` branch. There are now _a...

@rsshilli I'm afraid it's you who is confused. If "Access-Control-Allow-Credentials" is passed, "Access-Control-Allow-Origin" [is not allowed to be wildcarded][]. [is not allowed to be wildcarded]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin#Directives

@dattatrayhkulkarni The snippet you've quoted will only add CORS response headers to expired token authentication responses. Is that where you're trying to see CORS response headers? (If not, next paragraph.)...

In the example, you’re using the shorthand form of enabling CORS. Have you considered using the [object form][]? The form taking only a single string – the origin – is...

@normj Thanks for all the work that you and others put into this issue – I was following along on other GitHub projects. Does the equivalent advice apply to Image-style...

> Regarding specification changes (point no.1), would the change to Function.ImageUri to potentially expect a tarball be the only change you imagine would be required to support this? I worry...

For the record, I have my proof-of-concept running as of this morning (EDT) using `ImageUri`. I can `sam build` then `sam deploy` a real application right up to our test...

I don't yet consider that PR complete because I don't know what documentation the required step "Write documentation" refers to. Is it about documenting methods/functions? Or is it about updating...