[tor-commits] [donate/master] Use wildcard for Access-Control-Allow-Origin
peterh at torproject.org
peterh at torproject.org
Tue May 11 21:17:51 UTC 2021
commit 9a7940ba9994789293b44c64632822cc849c918c
Author: Peter Haight <peterh at giantrabbit.com>
Date: Wed Oct 21 10:26:04 2020 -0700
Use wildcard for Access-Control-Allow-Origin
The newsletter site captcha isn't working because it needs this header
set to newsletter.torproject.org and this header doesn't allow multiple
origins. We'll just set it to wildcard for now and figure out if we can
do something else.
---
src/AccessControlMiddleware.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/AccessControlMiddleware.php b/src/AccessControlMiddleware.php
index d900fa63..d5b7381d 100644
--- a/src/AccessControlMiddleware.php
+++ b/src/AccessControlMiddleware.php
@@ -4,7 +4,7 @@ namespace Tor;
class AccessControlMiddleware {
public function __invoke($request, $response, $next) {
- $response = $response->withHeader('Access-Control-Allow-Origin', $this->torSiteBaseUrl);
+ $response = $response->withHeader('Access-Control-Allow-Origin', '*');
$response = $response->withHeader('Access-Control-Allow-Credentials', 'true');
$response = $response->withHeader('Access-Control-Allow-Headers', 'Content-Type');
return $next($request, $response);
More information about the tor-commits
mailing list