Allow access control headers to be overriden in jupyter_notebook_conf…

…ig.py
jupyter · Aug 28, 2018 · cc5e08d · cc5e08d
1 parent 98085dc
commit cc5e08d
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/notebook/base/handlers.py b/notebook/base/handlers.py
@@ -607,8 +607,11 @@ def finish(self, *args, **kwargs):
         return super(APIHandler, self).finish(*args, **kwargs)
 
     def options(self, *args, **kwargs):
-        self.set_header('Access-Control-Allow-Headers',
-                        'accept, content-type, authorization, x-xsrftoken')
+        if 'Access-Control-Allow-Headers' in self.settings.get('headers', {}):
+            self.set_header('Access-Control-Allow-Headers', self.settings['headers']['Access-Control-Allow-Headers'])
+        else:
+            self.set_header('Access-Control-Allow-Headers',
+                            'accept, content-type, authorization, x-xsrftoken')
         self.set_header('Access-Control-Allow-Methods',
                         'GET, PUT, POST, PATCH, DELETE, OPTIONS')