Add PATCH to allowed CORS methods

richiemcilroy · richiemcilroy · commit 027df38af466 · 2026-03-03T13:49:31.000Z
diff --git a/apps/api/src/middleware/security-headers.ts b/apps/api/src/middleware/security-headers.ts
@@ -8,7 +8,7 @@ const ALLOWED_ORIGIN_PATTERNS = [
   /^http:\/\/localhost(:\d+)?$/,
 ]
 
-const CORS_METHODS = 'GET, POST, PUT, DELETE, OPTIONS'
+const CORS_METHODS = 'GET, POST, PUT, PATCH, DELETE, OPTIONS'
 const CORS_HEADERS = 'Authorization, Content-Type, X-Request-Id, Idempotency-Key'
 const CORS_EXPOSE =
   'X-Request-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Replay-Access'

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@ const ALLOWED_ORIGIN_PATTERNS = [`
`8`	`8`	`/^http:\/\/localhost(:\d+)?$/,`
`9`	`9`	`]`
`10`	`10`
`11`		`-const CORS_METHODS = 'GET, POST, PUT, DELETE, OPTIONS'`
	`11`	`+const CORS_METHODS = 'GET, POST, PUT, PATCH, DELETE, OPTIONS'`
`12`	`12`	`const CORS_HEADERS = 'Authorization, Content-Type, X-Request-Id, Idempotency-Key'`
`13`	`13`	`const CORS_EXPOSE =`
`14`	`14`	`'X-Request-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Replay-Access'`