Fix access-control-header for web clients
This commit is contained in:
parent
20d4d279b7
commit
5788f191b1
|
@ -27,18 +27,26 @@ ExpressApp.start = function(opts) {
|
||||||
WalletService.initialize(opts.WalletService);
|
WalletService.initialize(opts.WalletService);
|
||||||
var app = express();
|
var app = express();
|
||||||
app.use(function(req, res, next) {
|
app.use(function(req, res, next) {
|
||||||
res.setHeader('Access-Control-Allow-Origin', '*');
|
if (req.headers.cookie) {
|
||||||
|
res.setHeader('Access-Control-Allow-Origin', '*');
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
res.setHeader('Access-Control-Allow-Origin', req.headers.origin);
|
||||||
|
}
|
||||||
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE');
|
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE');
|
||||||
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,Authorization');
|
res.setHeader('Access-Control-Allow-Headers', 'x-signature,x-identity,X-Requested-With,Content-Type,Authorization');
|
||||||
next();
|
next();
|
||||||
});
|
});
|
||||||
var allowCORS = function(req, res, next) {
|
var allowCORS = function(req, res, next) {
|
||||||
if ('OPTIONS' == req.method) {
|
if ('OPTIONS' == req.method) {
|
||||||
res.sendStatus(200);
|
var headers = {};
|
||||||
|
headers['Access-Control-Allow-Credentials'] = true;
|
||||||
|
res.writeHead(200, headers);
|
||||||
res.end();
|
res.end();
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
next();
|
else {
|
||||||
|
next();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
app.use(allowCORS);
|
app.use(allowCORS);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue