joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #390 from workslon/hotfix/access-control-allow-headers-response-header

Browse Source 
Fix Access-Control-Allow-Headers to match exact headers
This commit is contained in:
Drew
2016-02-19 14:42:13 -08:00
parent 01f4bcc3e3 0755a2953e
commit 941984f2e0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/middlewares.js
View File

@@ -138,7 +138,7 @@ function handleParseHeaders(req, res, next) {
var allowCrossDomain = function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
res.header('Access-Control-Allow-Headers', '*');
res.header('Access-Control-Allow-Headers', 'X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, Content-Type');
// intercept OPTIONS method
if ('OPTIONS' == req.method) {