Allow additional headers

2025-05-24 02:14:21 -04:00 · 2020-07-28 22:55:40 +10:00 · 2020-07-28 22:55:40 +10:00 · fb34f2654a
commit fb34f2654a
parent 44894edb17
1 changed files with 2 additions and 2 deletions
--- a/app/Http/Middleware/Cors.php
+++ b/app/Http/Middleware/Cors.php
@ -16,7 +16,7 @@ class Cors
            // ALLOW OPTIONS METHOD
            $headers = [
                'Access-Control-Allow-Methods'=> 'POST, GET, OPTIONS, PUT, DELETE',
-                'Access-Control-Allow-Headers'=> 'X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'
+                'Access-Control-Allow-Headers'=> 'X-API-COMPANY_KEY,X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'
            ];

            return Response::make('OK', 200, $headers);
@ -36,7 +36,7 @@ class Cors

        $response->headers->set('Access-Control-Allow-Origin', '*');
        $response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
-        $response->headers->set('Access-Control-Allow-Headers', 'X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range');
+        $response->headers->set('Access-Control-Allow-Headers', 'X-API-COMPANY_KEY,X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range');
        $response->headers->set('Access-Control-Expose-Headers', 'X-APP-VERSION,X-MINIMUM-CLIENT-VERSION');
        $response->headers->set('X-APP-VERSION', config('ninja.app_version'));
        $response->headers->set('X-MINIMUM-CLIENT-VERSION', config('ninja.minimum_client_version'));