CORS heards not being set in version 3.9.3 / Windows

I have installed OpenFire and am able to connect using PidGin. I have also enabled CORS in the admin console. When I browse, http://localhost:7070/ I am able to see the http bind message, but the response headers does not contain the Access-Control-Allow-Origin response headers, because of which I am unable to connect using Converse.js (requests from the browser are being blocked)

Is this a bug in OpenFire ? Is there something I need to look for in the logs?


The URL must be http://localhost:7070/http-bind/

the last slash is also important otherwise will not work

I successfully tested using Candy — a JavaScript-based multi-user chat client

and Strophe.js - An XMPP library for JavaScript

you can set “Origin: null”