CORS: Expose all headers on response (#7331)

Fixes #7289
This commit is contained in:
kannappanr 2019-03-06 11:58:53 -08:00 committed by GitHub
parent 12eb71828b
commit 39ddb78c75
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -383,7 +383,23 @@ type resourceHandler struct {
// setCorsHandler handler for CORS (Cross Origin Resource Sharing) // setCorsHandler handler for CORS (Cross Origin Resource Sharing)
func setCorsHandler(h http.Handler) http.Handler { func setCorsHandler(h http.Handler) http.Handler {
c := cors.AllowAll()
c := cors.New(cors.Options{
AllowedOrigins: []string{"*"},
AllowedMethods: []string{
http.MethodGet,
http.MethodPut,
http.MethodHead,
http.MethodPost,
http.MethodDelete,
http.MethodOptions,
http.MethodPatch,
},
AllowedHeaders: []string{"*"},
ExposedHeaders: []string{"*"},
AllowCredentials: true,
})
return c.Handler(h) return c.Handler(h)
} }