cors: Set Access-Control-Allow-Credentials to true (#4185)

This allow browsers to send credentials with preflighted requests.
2025-07-14 19:31:52 -04:00 · 2017-04-27 20:40:22 +01:00 · 2017-04-27 20:40:22 +01:00 · d36dd80a8a
commit d36dd80a8a
parent 3a539ce660
1 changed files with 5 additions and 4 deletions
--- a/cmd/generic-handlers.go
+++ b/cmd/generic-handlers.go
@ -274,10 +274,11 @@ var defaultAllowableHTTPMethods = []string{
 // setCorsHandler handler for CORS (Cross Origin Resource Sharing)
 func setCorsHandler(h http.Handler) http.Handler {
 	c := cors.New(cors.Options{
-		AllowedOrigins: []string{"*"},
+		AllowedOrigins:   []string{"*"},
-		AllowedMethods: defaultAllowableHTTPMethods,
+		AllowedMethods:   defaultAllowableHTTPMethods,
-		AllowedHeaders: []string{"*"},
+		AllowedHeaders:   []string{"*"},
-		ExposedHeaders: []string{"ETag"},
+		ExposedHeaders:   []string{"ETag"},
 		AllowCredentials: true,
 	})
 	return c.Handler(h)
 }