From 4c6f67029750a3e1c496dbc3fb00e96861810ffe Mon Sep 17 00:00:00 2001
From: dbroqua <dbroqua@mousur.org>
Date: Sun, 9 Sep 2018 22:44:51 +0200
Subject: [PATCH] Updated CORS

---
 app.js | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)

diff --git a/app.js b/app.js
index 92f448b..e1275be 100644
--- a/app.js
+++ b/app.js
@@ -30,21 +30,12 @@ app.use(cookieParser())
 app.use(express.static(path.join(__dirname, 'public')))
 
 app.use('/',
-  /**
-     * Set defaults env for all routes
-     * @param {Object} req
-     * @param {Object} res
-     * @param {Object} next
-     */
   function (req, res, next) {
-    // Website you wish to allow to connect
     res.setHeader('Access-Control-Allow-Origin', '*')
-    // Request methods you wish to allow
     res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE')
-    // Request headers you wish to allow
-    res.setHeader('Access-Control-Allow-Headers',
-      'Origin, X-Requested-With, Content-Type, Accept, Authorization, cache-control, pragma, If-Modified-Since')
-    // Pass to next layer of middleware
+    res.setHeader('Access-Control-Allow-Credentials', true)
+    res.setHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization, cache-control, pragma, If-Modified-Since')
+
     next()
   })