Updated CORS

2018-09-09 22:44:51 +02:00 · 2018-09-09 22:44:51 +02:00 · 4c6f670297
parent 60cd0f69cc
commit 4c6f670297
1 changed files with 3 additions and 12 deletions
--- a/app.js
+++ b/app.js
@ -30,21 +30,12 @@ app.use(cookieParser())
 app.use(express.static(path.join(__dirname, 'public')))

 app.use('/',
-  /**
-     * Set defaults env for all routes
-     * @param {Object} req
-     * @param {Object} res
-     * @param {Object} next
-     */
  function (req, res, next) {
-    // Website you wish to allow to connect
    res.setHeader('Access-Control-Allow-Origin', '*')
-    // Request methods you wish to allow
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE')
-    // Request headers you wish to allow
-    res.setHeader('Access-Control-Allow-Headers',
-      'Origin, X-Requested-With, Content-Type, Accept, Authorization, cache-control, pragma, If-Modified-Since')
-    // Pass to next layer of middleware
+    res.setHeader('Access-Control-Allow-Credentials', true)
+    res.setHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization, cache-control, pragma, If-Modified-Since')
+
    next()
  })