Browse Source

Fix access-control-header for web clients

activeAddress
Gustavo Maximiliano Cortez 10 years ago
parent
commit
5788f191b1
  1. 14
      lib/expressapp.js

14
lib/expressapp.js

@ -27,19 +27,27 @@ ExpressApp.start = function(opts) {
WalletService.initialize(opts.WalletService); WalletService.initialize(opts.WalletService);
var app = express(); var app = express();
app.use(function(req, res, next) { app.use(function(req, res, next) {
if (req.headers.cookie) {
res.setHeader('Access-Control-Allow-Origin', '*'); res.setHeader('Access-Control-Allow-Origin', '*');
}
else {
res.setHeader('Access-Control-Allow-Origin', req.headers.origin);
}
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE'); res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE');
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,Authorization'); res.setHeader('Access-Control-Allow-Headers', 'x-signature,x-identity,X-Requested-With,Content-Type,Authorization');
next(); next();
}); });
var allowCORS = function(req, res, next) { var allowCORS = function(req, res, next) {
if ('OPTIONS' == req.method) { if ('OPTIONS' == req.method) {
res.sendStatus(200); var headers = {};
headers['Access-Control-Allow-Credentials'] = true;
res.writeHead(200, headers);
res.end(); res.end();
return;
} }
else {
next(); next();
} }
}
app.use(allowCORS); app.use(allowCORS);
var POST_LIMIT = 1024 * 100 /* Max POST 100 kb */ ; var POST_LIMIT = 1024 * 100 /* Max POST 100 kb */ ;

Loading…
Cancel
Save