diff options
author | Bernhard Posselt <nukeawhale@gmail.com> | 2013-08-29 00:51:48 +0200 |
---|---|---|
committer | Bernhard Posselt <nukeawhale@gmail.com> | 2013-08-29 00:51:48 +0200 |
commit | f0ce1d74f5c52edd928142c19cf19176ad7fff41 (patch) | |
tree | 8bfd5263ca7cd5578a3cd8f36827622758fa0531 /external/newsapi.php | |
parent | 3d46b715e93ed3d350bca2022967c8f5b609e834 (diff) |
use cors headers in options request
Diffstat (limited to 'external/newsapi.php')
-rw-r--r-- | external/newsapi.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/external/newsapi.php b/external/newsapi.php index 07c2db43d..388cdd116 100644 --- a/external/newsapi.php +++ b/external/newsapi.php @@ -30,6 +30,7 @@ use \OCA\AppFramework\Controller\Controller; use \OCA\AppFramework\Http\Request; use \OCA\AppFramework\Http\JSONResponse; use \OCA\AppFramework\Http\Response; +use \OCA\AppFramework\Http\Http; use \OCA\News\Utility\Updater; @@ -79,11 +80,13 @@ class NewsAPI extends Controller { public function cors() { // needed for webapps access due to cross origin request policy $response = new Response(); + $response->setStatus(Http::STATUS_UNAUTHORIZED); $response->addHeader('Access-Control-Allow-Origin', '*'); $response->addHeader('Access-Control-Allow-Methods', 'PUT, POST, GET, DELETE'); $response->addHeader('Access-Control-Allow-Credentials', 'true'); $response->addHeader('Access-Control-Allow-Headers', 'Authorization'); $response->addHeader('Access-Control-Max-Age', '1728000'); + $response->addHeader('WWW-Authenticate', 'Basic realm="ownCloud News"'); return $response; } |