Merge pull request #64 from taigaio/avoid-options-pre-flight

Add access-control-max-age header to cors middleware for avoid options pre-flight
2014-09-04 12:04:49 +02:00 · 2014-09-04 12:04:49 +02:00 · 207e0d6427
parent 1578f4352c d460f777f7
commit 207e0d6427
1 changed files with 1 additions and 0 deletions
--- a/taiga/base/middleware/cors.py
+++ b/taiga/base/middleware/cors.py
@ -37,6 +37,7 @@ class CoorsMiddleware(object):
        response["Access-Control-Allow-Methods"] = ",".join(COORS_ALLOWED_METHODS)
        response["Access-Control-Allow-Headers"] = ",".join(COORS_ALLOWED_HEADERS)
        response["Access-Control-Expose-Headers"] = ",".join(COORS_EXPOSE_HEADERS)
+        response["Access-Control-Max-Age"] = "3600"

        if COORS_ALLOWED_CREDENTIALS:
            response["Access-Control-Allow-Credentials"] = "true"