Fix Auth Headers (#1324)

Co-authored-by: Ben Toogood <ben@micro.mu>
2020-03-10 16:47:01 +00:00
parent ed83c27f0e
commit 48b2a5c37c
3 changed files with 11 additions and 7 deletions
--- a/api/server/cors/cors.go
+++ b/api/server/cors/cors.go
@@ -38,6 +38,7 @@ func SetHeaders(w http.ResponseWriter, r *http.Request) {
 		set(w, "Access-Control-Allow-Origin", "*")
 	}

+	set(w, "Access-Control-Allow-Credentials", "true")
 	set(w, "Access-Control-Allow-Methods", "POST, PATCH, GET, OPTIONS, PUT, DELETE")
 	set(w, "Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
 }