mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-12-27 00:19:25 -05:00
JSON API fix OPTION method handling for authenticated methods
This commit is contained in:
parent
db0a22a226
commit
bdf9bd5c56
@ -49,7 +49,7 @@ JsonApiServer::corsHeaders =
|
||||
{
|
||||
{ "Access-Control-Allow-Origin", "*" },
|
||||
{ "Access-Control-Allow-Methods", "GET, POST, OPTIONS"},
|
||||
{ "Access-Control-Allow-Headers", "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range" },
|
||||
{ "Access-Control-Allow-Headers", "Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range" },
|
||||
{ "Access-Control-Expose-Headers", "Content-Length,Content-Range" }
|
||||
};
|
||||
|
||||
@ -58,7 +58,7 @@ JsonApiServer::corsOptionsHeaders =
|
||||
{
|
||||
{ "Access-Control-Allow-Origin", "*" },
|
||||
{ "Access-Control-Allow-Methods", "GET, POST, OPTIONS"},
|
||||
{ "Access-Control-Allow-Headers", "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range" },
|
||||
{ "Access-Control-Allow-Headers", "Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range" },
|
||||
{ "Access-Control-Max-Age", "1728000" }, // 20 days
|
||||
{ "Content-Type", "text/plain; charset=utf-8" },
|
||||
{ "Content-Length", "0" }
|
||||
@ -322,6 +322,12 @@ void JsonApiServer::registerHandler(
|
||||
const std::shared_ptr<rb::Session> session,
|
||||
const std::function<void (const std::shared_ptr<rb::Session>)>& callback )
|
||||
{
|
||||
if(session->get_request()->get_method() == "OPTIONS")
|
||||
{
|
||||
callback(session);
|
||||
return;
|
||||
}
|
||||
|
||||
if(!rsLoginHelper->isLoggedIn())
|
||||
{
|
||||
session->close(rb::CONFLICT);
|
||||
|
Loading…
Reference in New Issue
Block a user