Issue with Cross-Origin Resource Sharing
The Cross-Origin Resource Sharing (CORS) is set as Allow-All for the PRPushServlet API as part of the penetration testing. It does not work though the user configures an endpoint CORS setting.
Steps to Reproduce
CORS support for PRPushservet is not required. Atmosphere sends the CORS response headers for long polling requests by default.