Skip to content

Commit cd0d00b

Browse files
mevdscheemevdschee
committed
fix for mevdschee#889 
1 parent b947c3e commit cd0d00b

File tree

5 files changed

+5
-5
lines changed

5 files changed

+5
-5
lines changed

api.include.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7920,7 +7920,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
79207920
$response = $this->responder->error(ErrorCode::ORIGIN_FORBIDDEN, $origin);
79217921
} elseif ($method == 'OPTIONS') {
79227922
$response = ResponseFactory::fromStatus(ResponseFactory::OK);
7923-
$allowHeaders = $this->getProperty('allowHeaders', 'Content-Type, X-XSRF-TOKEN, X-Authorization');
7923+
$allowHeaders = $this->getProperty('allowHeaders', 'Content-Type, X-XSRF-TOKEN, X-Authorization, X-API-Key');
79247924
if ($this->debug) {
79257925
$allowHeaders = implode(', ', array_filter([$allowHeaders, 'X-Exception-Name, X-Exception-Message, X-Exception-File']));
79267926
}

api.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7920,7 +7920,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
79207920
$response = $this->responder->error(ErrorCode::ORIGIN_FORBIDDEN, $origin);
79217921
} elseif ($method == 'OPTIONS') {
79227922
$response = ResponseFactory::fromStatus(ResponseFactory::OK);
7923-
$allowHeaders = $this->getProperty('allowHeaders', 'Content-Type, X-XSRF-TOKEN, X-Authorization');
7923+
$allowHeaders = $this->getProperty('allowHeaders', 'Content-Type, X-XSRF-TOKEN, X-Authorization, X-API-Key');
79247924
if ($this->debug) {
79257925
$allowHeaders = implode(', ', array_filter([$allowHeaders, 'X-Exception-Name, X-Exception-Message, X-Exception-File']));
79267926
}

src/Tqdev/PhpCrudApi/Middleware/CorsMiddleware.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
4646
$response = $this->responder->error(ErrorCode::ORIGIN_FORBIDDEN, $origin);
4747
} elseif ($method == 'OPTIONS') {
4848
$response = ResponseFactory::fromStatus(ResponseFactory::OK);
49-
$allowHeaders = $this->getProperty('allowHeaders', 'Content-Type, X-XSRF-TOKEN, X-Authorization');
49+
$allowHeaders = $this->getProperty('allowHeaders', 'Content-Type, X-XSRF-TOKEN, X-Authorization, X-API-Key');
5050
if ($this->debug) {
5151
$allowHeaders = implode(', ', array_filter([$allowHeaders, 'X-Exception-Name, X-Exception-Message, X-Exception-File']));
5252
}

tests/functional/001_records/041_cors_pre_flight.log

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ Access-Control-Request-Method: POST
55
Access-Control-Request-Headers: X-XSRF-TOKEN, X-Requested-With
66
===
77
200
8-
Access-Control-Allow-Headers: Content-Type, X-XSRF-TOKEN, X-Authorization
8+
Access-Control-Allow-Headers: Content-Type, X-XSRF-TOKEN, X-Authorization, X-API-Key
99
Access-Control-Allow-Methods: OPTIONS, GET, PUT, POST, DELETE, PATCH
1010
Access-Control-Max-Age: 1728000
1111
Access-Control-Allow-Credentials: true

tests/functional/002_auth/001_jwt_auth.log

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ Access-Control-Request-Method: POST
3838
Access-Control-Request-Headers: X-PINGOTHER, Content-Type
3939
===
4040
200
41-
Access-Control-Allow-Headers: Content-Type, X-XSRF-TOKEN, X-Authorization
41+
Access-Control-Allow-Headers: Content-Type, X-XSRF-TOKEN, X-Authorization, X-API-Key
4242
Access-Control-Allow-Methods: OPTIONS, GET, PUT, POST, DELETE, PATCH
4343
Access-Control-Allow-Credentials: true
4444
Access-Control-Max-Age: 1728000

0 commit comments

Comments
 (0)