From d0741fde6ef940381b197d591ae07c02cfa8e292 Mon Sep 17 00:00:00 2001 From: rubenwardy Date: Wed, 24 Nov 2021 15:49:00 +0000 Subject: [PATCH] Also allow Authorization header --- app/blueprints/api/endpoints.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/blueprints/api/endpoints.py b/app/blueprints/api/endpoints.py index deae99f6..87523e3d 100644 --- a/app/blueprints/api/endpoints.py +++ b/app/blueprints/api/endpoints.py @@ -35,7 +35,7 @@ def cors_allowed(f): res = f(*args, **kwargs) res.headers["Access-Control-Allow-Origin"] = "*" res.headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE, OPTIONS" - res.headers["Access-Control-Allow-Headers"] = "Content-Type" + res.headers["Access-Control-Allow-Headers"] = "Content-Type, Authorization" return res return inner