cors: Set Access-Control-Allow-Credentials to true (#4185)

This allow browsers to send credentials with preflighted requests.
This commit is contained in:
Anis Elleuch 2017-04-27 20:40:22 +01:00 committed by Harshavardhana
parent 3a539ce660
commit d36dd80a8a

View File

@ -274,10 +274,11 @@ var defaultAllowableHTTPMethods = []string{
// setCorsHandler handler for CORS (Cross Origin Resource Sharing)
func setCorsHandler(h http.Handler) http.Handler {
c := cors.New(cors.Options{
AllowedOrigins: []string{"*"},
AllowedMethods: defaultAllowableHTTPMethods,
AllowedHeaders: []string{"*"},
ExposedHeaders: []string{"ETag"},
AllowedOrigins: []string{"*"},
AllowedMethods: defaultAllowableHTTPMethods,
AllowedHeaders: []string{"*"},
ExposedHeaders: []string{"ETag"},
AllowCredentials: true,
})
return c.Handler(h)
}