Merge pull request #132 from cmgustavo/bug/access-control-headers

Bug/access control headers
10 years ago · 12b6d924cf
1 changed files with 1 additions and 1 deletions
--- a/lib/expressapp.js
+++ b/lib/expressapp.js
@ -29,7 +29,7 @@ ExpressApp.start = function(opts) {
  app.use(function(req, res, next) {
    res.setHeader('Access-Control-Allow-Origin', '*');
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE');
-    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,Authorization');
+    res.setHeader('Access-Control-Allow-Headers', 'x-signature,x-identity,X-Requested-With,Content-Type,Authorization');
    next();
  });
  var allowCORS = function(req, res, next) {