|
|
@ -27,19 +27,27 @@ ExpressApp.start = function(opts) { |
|
|
|
WalletService.initialize(opts.WalletService); |
|
|
|
var app = express(); |
|
|
|
app.use(function(req, res, next) { |
|
|
|
if (req.headers.cookie) { |
|
|
|
res.setHeader('Access-Control-Allow-Origin', '*'); |
|
|
|
} |
|
|
|
else { |
|
|
|
res.setHeader('Access-Control-Allow-Origin', req.headers.origin); |
|
|
|
} |
|
|
|
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE'); |
|
|
|
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,Authorization'); |
|
|
|
res.setHeader('Access-Control-Allow-Headers', 'x-signature,x-identity,X-Requested-With,Content-Type,Authorization'); |
|
|
|
next(); |
|
|
|
}); |
|
|
|
var allowCORS = function(req, res, next) { |
|
|
|
if ('OPTIONS' == req.method) { |
|
|
|
res.sendStatus(200); |
|
|
|
var headers = {}; |
|
|
|
headers['Access-Control-Allow-Credentials'] = true; |
|
|
|
res.writeHead(200, headers); |
|
|
|
res.end(); |
|
|
|
return; |
|
|
|
} |
|
|
|
else { |
|
|
|
next(); |
|
|
|
} |
|
|
|
} |
|
|
|
app.use(allowCORS); |
|
|
|
|
|
|
|
var POST_LIMIT = 1024 * 100 /* Max POST 100 kb */ ; |
|
|
|