saret/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-10-26 07:50:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #631 from vverst/cors-put

Browse Source 
Use Access-Control-Allow-Method
This commit is contained in:
Daniel García
2019-09-23 20:03:51 +02:00
committed by GitHub
parent 4c07f05b3a 56f12dc982
commit 8367d1d715
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/util.rs
View File

@@ -47,7 +47,7 @@ impl CORS {
impl Fairing for CORS { impl Fairing for CORS {
fn info(&self) -> Info { fn info(&self) -> Info {
Info { Info {
name: "Add CORS headers to requests", name: "CORS",
kind: Kind::Response kind: Kind::Response
} }
} }
@@ -60,12 +60,12 @@ impl Fairing for CORS {
let req_allow_headers = CORS::get_header(&req_headers, "Access-Control-Request-Headers"); let req_allow_headers = CORS::get_header(&req_headers, "Access-Control-Request-Headers");
let req_allow_methods =CORS::get_header(&req_headers,"Access-Control-Request-Methods"); let req_allow_method = CORS::get_header(&req_headers,"Access-Control-Request-Method");
if request.method() == Method::Options || response.content_type() == Some(ContentType::JSON) { if request.method() == Method::Options || response.content_type() == Some(ContentType::JSON) {
// Requests with credentials need explicit values since they do not allow wildcards. // Requests with credentials need explicit values since they do not allow wildcards.
response.set_header(Header::new("Access-Control-Allow-Origin", req_allow_origin)); response.set_header(Header::new("Access-Control-Allow-Origin", req_allow_origin));
response.set_header(Header::new("Access-Control-Allow-Methods", req_allow_methods)); response.set_header(Header::new("Access-Control-Allow-Methods", req_allow_method));
response.set_header(Header::new("Access-Control-Allow-Headers", req_allow_headers)); response.set_header(Header::new("Access-Control-Allow-Headers", req_allow_headers));
response.set_header(Header::new("Access-Control-Allow-Credentials", "true")); response.set_header(Header::new("Access-Control-Allow-Credentials", "true"));
} }