liquid_feedback_frontend
annotate app/main/http_options.lua @ 1858:3d1f0464a3ea
Handle missing ldap.member.allowed function
| author | bsw |
|---|---|
| date | Tue Sep 20 17:35:29 2022 +0200 (20 months ago) |
| parents | 408e4b1d5234 |
| children |
| rev | line source |
|---|---|
| bsw/jbe@1309 | 1 -- TODO workaround, needs to be resolved in WebMCP's request.handler |
| bsw/jbe@1309 | 2 if not request._route then |
| bsw/jbe@1309 | 3 return |
| bsw/jbe@1309 | 4 end |
| bsw/jbe@1309 | 5 |
| bsw@1548 | 6 -- TODO allow cors requests on api module? |
| bsw@1545 | 7 if request.get_module() == "oauth2" and |
| bsw@1545 | 8 (request.get_view() == "session" or request.get_view() == "validate") |
| bsw@1545 | 9 then |
| bsw/jbe@1309 | 10 local origin = request.get_header("Origin") |
| bsw/jbe@1309 | 11 if origin then |
| bsw/jbe@1309 | 12 request.add_header("Access-Control-Allow-Origin", origin) |
| bsw/jbe@1309 | 13 end |
| bsw/jbe@1309 | 14 request.add_header("Access-Control-Allow-Credentials", "true") |
| bsw/jbe@1309 | 15 request.add_header("Access-Control-Max-Age", "0") |
| bsw/jbe@1309 | 16 else |
| bsw/jbe@1309 | 17 request.add_header("Access-Control-Allow-Origin", "*") |
| bsw/jbe@1309 | 18 end |
| bsw/jbe@1309 | 19 |
| bsw/jbe@1309 | 20 request.add_header("Access-Control-Allow-Headers", "Authorization") |