JSON API spit out CORS headers also on error

Browsers won't let JavaScript properly handle the error if the corsa
  headers are missing thanks Saud for report see:
  retroshare://forum?name=Shouldn%27t%20CORS%20headers%20be%20present%20for%20all%20API%20responses%3F&id=8fd22bd8f99754461e7ba1ca8a727995&msgid=e3232ae3a1b76698576a9159ba962fa5091e710c
This commit is contained in:
Gioacchino Mazzurco 2020-01-21 12:54:48 +01:00
parent 1666ce290a
commit 92990c55e7
No known key found for this signature in database
GPG Key ID: A1FBCA3872E87051

View File

@ -417,7 +417,7 @@ void JsonApiServer::registerHandler(
if(!rsLoginHelper->isLoggedIn()) if(!rsLoginHelper->isLoggedIn())
{ {
session->close(rb::CONFLICT); session->close(rb::CONFLICT, corsOptionsHeaders);
return; return;
} }
@ -429,7 +429,7 @@ void JsonApiServer::registerHandler(
if(authToken != "Basic") if(authToken != "Basic")
{ {
session->close(rb::UNAUTHORIZED); session->close(rb::UNAUTHORIZED, corsOptionsHeaders);
return; return;
} }
@ -437,7 +437,7 @@ void JsonApiServer::registerHandler(
authToken = decodeToken(authToken); authToken = decodeToken(authToken);
if(isAuthTokenValid(authToken)) callback(session); if(isAuthTokenValid(authToken)) callback(session);
else session->close(rb::UNAUTHORIZED); else session->close(rb::UNAUTHORIZED, corsOptionsHeaders);
} ); } );
mResources.push_back(resource); mResources.push_back(resource);