Add CORS header ('Access-Control-Allow-Origin') to 'AllReader'
Allows all API endpoints using 'AllReader' to be queryable by any origin.
This commit is contained in:
parent
5c94d23466
commit
94bcb91220
|
@ -599,6 +599,9 @@ func (h *Handler) AllReader(f handlerFunc) http.HandlerFunc {
|
||||||
log.Info(h.app.ReqLog(r, status, time.Since(start)))
|
log.Info(h.app.ReqLog(r, status, time.Since(start)))
|
||||||
}()
|
}()
|
||||||
|
|
||||||
|
// Allow any origin, as public endpoints are handled in here
|
||||||
|
w.Header().Set("Access-Control-Allow-Origin", "*");
|
||||||
|
|
||||||
if h.app.App().cfg.App.Private {
|
if h.app.App().cfg.App.Private {
|
||||||
// This instance is private, so ensure it's being accessed by a valid user
|
// This instance is private, so ensure it's being accessed by a valid user
|
||||||
// Check if authenticated with an access token
|
// Check if authenticated with an access token
|
||||||
|
|
Loading…
Reference in New Issue