From 27c269d6a07c52b2bd8b33bf2bde698c97c5ab1b Mon Sep 17 00:00:00 2001 From: sigoden Date: Fri, 2 Jun 2023 19:07:43 +0800 Subject: [PATCH] fix: allow all cors headers and methods (#225) --- src/server.rs | 8 +++----- tests/cors.rs | 6 +++--- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/src/server.rs b/src/server.rs index 880d324..980b901 100644 --- a/src/server.rs +++ b/src/server.rs @@ -1286,17 +1286,15 @@ fn add_cors(res: &mut Response) { .typed_insert(AccessControlAllowCredentials); res.headers_mut().insert( "Access-Control-Allow-Methods", - HeaderValue::from_static("GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"), + HeaderValue::from_static("*"), ); res.headers_mut().insert( "Access-Control-Allow-Headers", - HeaderValue::from_static("Authorization,Destination,Range,Content-Type"), + HeaderValue::from_static("Authorization,*"), ); res.headers_mut().insert( "Access-Control-Expose-Headers", - HeaderValue::from_static( - "WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition", - ), + HeaderValue::from_static("Authorization,*"), ); } diff --git a/tests/cors.rs b/tests/cors.rs index d6ed521..54e12f6 100644 --- a/tests/cors.rs +++ b/tests/cors.rs @@ -19,15 +19,15 @@ fn cors(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> { ); assert_eq!( resp.headers().get("access-control-allow-methods").unwrap(), - "GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE" + "*" ); assert_eq!( resp.headers().get("access-control-allow-headers").unwrap(), - "Authorization,Destination,Range,Content-Type" + "Authorization,*" ); assert_eq!( resp.headers().get("access-control-expose-headers").unwrap(), - "WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition" + "Authorization,*" ); Ok(()) }