flashii/eeprom
1
0
Fork 1
Code Pull requests Releases Activity

Fixed file delete path not supplying the CORS headers.

Browse source 
the way CORS is implemented genuinely makes no fucking sense
This commit is contained in:
flash 2024-02-02 21:18:59 +00:00
parent 10937f1217
commit 9ca0587189
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/Uploads/UploadsRoutes.php
View file

@ -194,6 +194,12 @@ class UploadsRoutes implements IRouteHandler {
#[Route('DELETE', '/uploads/:fileid')]
public function deleteUpload($response, $request, string $fileId) {
if($request->hasHeader('Origin'))
$response->setHeader('Access-Control-Allow-Credentials', 'true');
$response->setHeader('Access-Control-Allow-Headers', 'Authorization');
$response->setHeader('Access-Control-Allow-Methods', 'OPTIONS, GET, DELETE');
if(!$this->authInfo->isLoggedIn())
return 401;