Merge pull request #42 from owncloud/add-header-to-allowed-headers

add header to access-control-allow-headers
owncloud · Mar 30, 2020 · 6f34534 · 6f34534
2 parents 6a3afe2 + 3b8809c
commit 6f34534
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/changelog/unreleased/add-header-to-cors-handler.md b/changelog/unreleased/add-header-to-cors-handler.md
@@ -0,0 +1,5 @@
+Change: Add header to cors handler 
+
+The `x-requested-with` header was added to allow ajax requests.
+
+https://github.com/owncloud/ocis-pkg/issues/41
diff --git a/middleware/header.go b/middleware/header.go
@@ -24,7 +24,7 @@ func Cors(next http.Handler) http.Handler {
 		} else {
 			w.Header().Set("Access-Control-Allow-Origin", "*")
 			w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS")
-			w.Header().Set("Access-Control-Allow-Headers", "authorization, origin, content-type, accept")
+			w.Header().Set("Access-Control-Allow-Headers", "authorization, origin, content-type, accept, x-requested-with")
 			w.Header().Set("Allow", "HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS")
 
 			w.WriteHeader(http.StatusOK)