Merge branch 'risacher-master' into edge

2025-04-22 04:57:07 -04:00 · 2019-05-24 22:35:35 +03:00 · 2019-05-24 22:35:35 +03:00 · a7fb9662e3
commit a7fb9662e3
parent d7bc8d100d cb00cfc1b7
2 changed files with 16 additions and 0 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -239,6 +239,10 @@ services:
      # ==== CORS =====
      # CORS: Set Access-Control-Allow-Origin header.
      #- CORS=*
+      # CORS_ALLOW_HEADERS: Set Access-Control-Allow-Headers header.  "Authorization,Content-Type" is required for cross-origin use of the API.
+      #- CORS_ALLOW_HEADERS=Authorization,Content-Type
+      # CORS_EXPOSE_HEADERS: Set Access-Control-Expose-Headers header.  This is not needed for typical CORS situations
+      #- CORS_EXPOSE_HEADERS=*
      #-----------------------------------------------------------------
      # ==== MATOMO INTEGRATION ====
      # Optional: Integration with Matomo https://matomo.org that is installed to your server
--- a/server/cors.js
+++ b/server/cors.js
@ -7,5 +7,17 @@ Meteor.startup(() => {
      return next();
    });
  }
+  if ( process.env.CORS_ALLOW_HEADERS ) {
+    WebApp.rawConnectHandlers.use(function(req, res, next) {
+      res.setHeader('Access-Control-Allow-Headers', process.env.CORS_ALLOW_HEADERS);
+      return next();
+    });
+  }
+  if ( process.env.CORS_EXPOSE_HEADERS ) {
+    WebApp.rawConnectHandlers.use(function(req, res, next) {
+      res.setHeader('Access-Control-Expose-Headers', process.env.CORS_EXPOSE_HEADERS);
+      return next();
+    });
+  }

 });