Skip to content

Commit 7aebf09

Browse files
committed
cors fix
1 parent 997db30 commit 7aebf09

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

worker/src/middleware/auth.ts

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@ export async function cors(c: Context, next: Next) {
7070
headers: {
7171
'Access-Control-Allow-Origin': '*',
7272
'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
73-
'Access-Control-Allow-Headers': 'Content-Type, Authorization, X-API-Key',
73+
'Access-Control-Allow-Headers': 'Content-Type, Authorization, X-API-Key, X-CSRF-Token',
7474
'Access-Control-Max-Age': '86400',
7575
},
7676
});
@@ -81,7 +81,7 @@ export async function cors(c: Context, next: Next) {
8181
// Add CORS headers to response
8282
c.res.headers.set('Access-Control-Allow-Origin', '*');
8383
c.res.headers.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
84-
c.res.headers.set('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-API-Key');
84+
c.res.headers.set('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-API-Key, X-CSRF-Token');
8585
}
8686

8787
// Export hash function for use in auth routes

0 commit comments

Comments
 (0)