Repair some access-control headers required for third-party webclients

author Niklas Poslovski <ni.pos@yandex.com>

Tue, 22 May 2018 14:26:01 +0000 (16:26 +0200)

committer lain <lain@soykaf.club>

Wed, 23 May 2018 06:48:28 +0000 (08:48 +0200)
author Niklas Poslovski <ni.pos@yandex.com>
Tue, 22 May 2018 14:26:01 +0000 (16:26 +0200)
committer lain <lain@soykaf.club>
Wed, 23 May 2018 06:48:28 +0000 (08:48 +0200)
diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx

index b8abdce22a825f07de5d291a1fd51687f444a21b..b6ca30cc93817c9be42f487787d955ce5f6c220f 100644 (file)
--- a/installation/pleroma.nginx
+++ b/installation/pleroma.nginx
@@ -52,8 +52,8 @@ server {
          # if you do not want remote frontends to be able to access your Pleroma backend
          # server, remove these lines.
          add_header 'Access-Control-Allow-Origin' '*' always;
-        add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;
-        add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type' always;
+        add_header 'Access-Control-Allow-Methods' 'POST, PUT, DELETE, GET, PATCH, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Idempotency-Key' always;
          add_header 'Access-Control-Expose-Headers' 'Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id' always;
          if ($request_method = OPTIONS) {
              return 204;
author	Niklas Poslovski <ni.pos@yandex.com>
	Tue, 22 May 2018 14:26:01 +0000 (16:26 +0200)
committer	lain <lain@soykaf.club>
	Wed, 23 May 2018 06:48:28 +0000 (08:48 +0200)