mirror of
https://github.com/dani-garcia/vaultwarden
synced 2024-12-14 17:43:46 +01:00
Use Access-Control-Allow-Method
This commit is contained in:
parent
4c07f05b3a
commit
56f12dc982
1 changed files with 3 additions and 3 deletions
|
@ -47,7 +47,7 @@ impl CORS {
|
||||||
impl Fairing for CORS {
|
impl Fairing for CORS {
|
||||||
fn info(&self) -> Info {
|
fn info(&self) -> Info {
|
||||||
Info {
|
Info {
|
||||||
name: "Add CORS headers to requests",
|
name: "CORS",
|
||||||
kind: Kind::Response
|
kind: Kind::Response
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -60,12 +60,12 @@ impl Fairing for CORS {
|
||||||
|
|
||||||
let req_allow_headers = CORS::get_header(&req_headers, "Access-Control-Request-Headers");
|
let req_allow_headers = CORS::get_header(&req_headers, "Access-Control-Request-Headers");
|
||||||
|
|
||||||
let req_allow_methods =CORS::get_header(&req_headers,"Access-Control-Request-Methods");
|
let req_allow_method = CORS::get_header(&req_headers,"Access-Control-Request-Method");
|
||||||
|
|
||||||
if request.method() == Method::Options || response.content_type() == Some(ContentType::JSON) {
|
if request.method() == Method::Options || response.content_type() == Some(ContentType::JSON) {
|
||||||
// Requests with credentials need explicit values since they do not allow wildcards.
|
// Requests with credentials need explicit values since they do not allow wildcards.
|
||||||
response.set_header(Header::new("Access-Control-Allow-Origin", req_allow_origin));
|
response.set_header(Header::new("Access-Control-Allow-Origin", req_allow_origin));
|
||||||
response.set_header(Header::new("Access-Control-Allow-Methods", req_allow_methods));
|
response.set_header(Header::new("Access-Control-Allow-Methods", req_allow_method));
|
||||||
response.set_header(Header::new("Access-Control-Allow-Headers", req_allow_headers));
|
response.set_header(Header::new("Access-Control-Allow-Headers", req_allow_headers));
|
||||||
response.set_header(Header::new("Access-Control-Allow-Credentials", "true"));
|
response.set_header(Header::new("Access-Control-Allow-Credentials", "true"));
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue