From 94bcb91220e039da129e74584c889c7a3577a24e Mon Sep 17 00:00:00 2001
From: Neil Moore <dar13.dev@gmail.com>
Date: Sat, 20 Jun 2020 23:18:30 -0400
Subject: [PATCH] Add CORS header ('Access-Control-Allow-Origin') to
 'AllReader'

Allows all API endpoints using 'AllReader' to be queryable by any
origin.
---
 handle.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/handle.go b/handle.go
index 4915420..1802384 100644
--- a/handle.go
+++ b/handle.go
@@ -599,6 +599,9 @@ func (h *Handler) AllReader(f handlerFunc) http.HandlerFunc {
 				log.Info(h.app.ReqLog(r, status, time.Since(start)))
 			}()
 
+			// Allow any origin, as public endpoints are handled in here
+			w.Header().Set("Access-Control-Allow-Origin", "*");
+
 			if h.app.App().cfg.App.Private {
 				// This instance is private, so ensure it's being accessed by a valid user
 				// Check if authenticated with an access token