You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by mh...@apache.org on 2018/07/26 18:55:31 UTC
[incubator-openwhisk-apigateway] branch master updated: Add
additional headers to remove when cors is disabled (#317)
This is an automated email from the ASF dual-hosted git repository.
mhamann pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-apigateway.git
The following commit(s) were added to refs/heads/master by this push:
new c89afeb Add additional headers to remove when cors is disabled (#317)
c89afeb is described below
commit c89afebf6da51656240b18ef753f7bdbfea6210d
Author: Alex Song <al...@gmail.com>
AuthorDate: Thu Jul 26 14:55:29 2018 -0400
Add additional headers to remove when cors is disabled (#317)
---
scripts/lua/cors.lua | 2 ++
1 file changed, 2 insertions(+)
diff --git a/scripts/lua/cors.lua b/scripts/lua/cors.lua
index 8c0b1f5..10deee8 100644
--- a/scripts/lua/cors.lua
+++ b/scripts/lua/cors.lua
@@ -44,6 +44,8 @@ function _M.replaceHeaders()
ngx.header['Access-Control-Allow-Methods'] = nil
ngx.header['Access-Control-Allow-Headers'] = nil
ngx.header['Access-Control-Allow-Credentials'] = nil
+ ngx.header['Access-Control-Expose-Headers'] = nil
+ ngx.header['Access-Control-Max-Age'] = nil
else
ngx.header['Access-Control-Allow-Origin'] = ngx.var.cors_origins == 'true' and (ngx.var.http_origin or '*') or ngx.var.cors_origins
ngx.header['Access-Control-Allow-Methods'] = ngx.var.cors_methods or 'GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS'