rust/hyperswitch
1
0
Fork 0
mirror of https://github.com/juspay/hyperswitch.git synced 2025-11-02 12:06:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: allow all headers on cors (#3653)

Browse Source
This commit is contained in:
Kartikeya Hegde
2024-02-15 09:27:03 +00:00
committed by GitHub
parent 2d4f6b3fa0
commit 64bf815294
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
crates/router/src/cors.rs
View File

@ -7,6 +7,7 @@ pub fn cors(config: settings::CorsSettings) -> actix_cors::Cors {
let mut cors = actix_cors::Cors::default()
.allowed_methods(allowed_methods)
.allow_any_header()
.max_age(config.max_age);
if config.wildcard_origin {
@ -15,6 +16,8 @@ pub fn cors(config: settings::CorsSettings) -> actix_cors::Cors {
for origin in &config.origins {
cors = cors.allowed_origin(origin);
}
// Only allow this in case if it's not wildcard origins. ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
cors = cors.supports_credentials();
}
cors