vaultwarden
/
bitwarden-estensione-browser
mirror of https://github.com/bitwarden/browser
1
0
Fork 0
Code Issues 1 Releases Wiki Activity

on alter token header if not self hosted

This commit is contained in:
Kyle Spearrin 2017-10-03 22:29:01 -04:00
parent a132ec4fd7
commit 1bb6244337
1 changed files with 11 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/app/config.js
View File

@ -13,19 +13,20 @@ angular
$locationProvider.hashPrefix(''); $locationProvider.hashPrefix('');
var jwtConfig = { var jwtConfig = {
// Using Content-Language header since it is unused and is a CORS-safelisted header. This avoids pre-flights.
authHeader: 'Content-Language',
whiteListedDomains: appSettings.whitelistDomains whiteListedDomains: appSettings.whitelistDomains
}; };
// Safari doesn't work with unconventional "Content-Language" header for CORS. if (!appSettings.selfHosted) {
// See notes here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS var userAgent = navigator.userAgent.toLowerCase();
var userAgent = navigator.userAgent.toLowerCase(); if (userAgent.indexOf('safari') > -1 && userAgent.indexOf('chrome') === -1) {
if (userAgent.indexOf('safari') > -1 && userAgent.indexOf('chrome') === -1) { // Safari doesn't work with unconventional "Content-Language" header for CORS.
jwtConfig = { // See notes here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
urlParam: 'access_token', jwtConfig.urlParam = 'access_token';
whiteListedDomains: appSettings.whitelistDomains }
}; else {
// Using Content-Language header since it is unused and is a CORS-safelisted header. This avoids pre-flights.
jwtConfig.authHeader = 'Content-Language';
}
} }
jwtOptionsProvider.config(jwtConfig); jwtOptionsProvider.config(jwtConfig);