liquid_feedback_frontend
annotate app/main/http_options.lua @ 1600:d47d2b0cd7c2
Removed debug code
| author | bsw |
|---|---|
| date | Sun Jan 31 22:12:27 2021 +0100 (2021-01-31) |
| parents | 408e4b1d5234 |
| children |
| rev | line source |
|---|---|
| bsw/jbe@1309 | 1 -- TODO workaround, needs to be resolved in WebMCP's request.handler |
| bsw/jbe@1309 | 2 if not request._route then |
| bsw/jbe@1309 | 3 return |
| bsw/jbe@1309 | 4 end |
| bsw/jbe@1309 | 5 |
| bsw@1548 | 6 -- TODO allow cors requests on api module? |
| bsw@1545 | 7 if request.get_module() == "oauth2" and |
| bsw@1545 | 8 (request.get_view() == "session" or request.get_view() == "validate") |
| bsw@1545 | 9 then |
| bsw/jbe@1309 | 10 local origin = request.get_header("Origin") |
| bsw/jbe@1309 | 11 if origin then |
| bsw/jbe@1309 | 12 request.add_header("Access-Control-Allow-Origin", origin) |
| bsw/jbe@1309 | 13 end |
| bsw/jbe@1309 | 14 request.add_header("Access-Control-Allow-Credentials", "true") |
| bsw/jbe@1309 | 15 request.add_header("Access-Control-Max-Age", "0") |
| bsw/jbe@1309 | 16 else |
| bsw/jbe@1309 | 17 request.add_header("Access-Control-Allow-Origin", "*") |
| bsw/jbe@1309 | 18 end |
| bsw/jbe@1309 | 19 |
| bsw/jbe@1309 | 20 request.add_header("Access-Control-Allow-Headers", "Authorization") |