mirror of
https://github.com/meilisearch/MeiliSearch
synced 2024-11-26 06:44:27 +01:00
Merge #2050
2050: Bug(CORS): Add missing allowed headers r=curquiza a=ManyTheFish fix #2040 ## test html file to test: ```html <!DOCTYPE html> <html> <meta content="text/html;charset=utf-8" http-equiv="Content-Type"> <meta content="utf-8" http-equiv="encoding"> <script> var xmlHttp = new XMLHttpRequest(); xmlHttp.open( "GET", "http://127.0.0.1:7700/indexes/toto", false ); // false for synchronous request xmlHttp.setRequestHeader("Authorization", "Bearer manythefish"); xmlHttp.send( null ); console.log(xmlHttp.responseText); </script> </html> ``` Co-authored-by: ManyTheFish <many@meilisearch.com>
This commit is contained in:
commit
c0251eb680
@ -143,6 +143,7 @@ macro_rules! create_app {
|
||||
.wrap(
|
||||
Cors::default()
|
||||
.send_wildcard()
|
||||
.allowed_headers(vec!["content-type", "Authorization"])
|
||||
.allow_any_origin()
|
||||
.allow_any_method()
|
||||
.max_age(86_400), // 24h
|
||||
|
Loading…
Reference in New Issue
Block a user