summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--external/newsapi.php1
-rw-r--r--tests/unit/external/NewsAPITest.php1
2 files changed, 2 insertions, 0 deletions
diff --git a/external/newsapi.php b/external/newsapi.php
index 7e8d901d0..07c2db43d 100644
--- a/external/newsapi.php
+++ b/external/newsapi.php
@@ -82,6 +82,7 @@ class NewsAPI extends Controller {
$response->addHeader('Access-Control-Allow-Origin', '*');
$response->addHeader('Access-Control-Allow-Methods', 'PUT, POST, GET, DELETE');
$response->addHeader('Access-Control-Allow-Credentials', 'true');
+ $response->addHeader('Access-Control-Allow-Headers', 'Authorization');
$response->addHeader('Access-Control-Max-Age', '1728000');
return $response;
}
diff --git a/tests/unit/external/NewsAPITest.php b/tests/unit/external/NewsAPITest.php
index 8fbb3eea9..2bc649c1c 100644
--- a/tests/unit/external/NewsAPITest.php
+++ b/tests/unit/external/NewsAPITest.php
@@ -106,6 +106,7 @@ class NewsAPITest extends ControllerTestUtility {
$this->assertEquals('*', $headers['Access-Control-Allow-Origin']);
$this->assertEquals('PUT, POST, GET, DELETE', $headers['Access-Control-Allow-Methods']);
$this->assertEquals('true', $headers['Access-Control-Allow-Credentials']);
+ $this->assertEquals('Authorization', $headers['Access-Control-Allow-Headers']);
$this->assertEquals('1728000', $headers['Access-Control-Max-Age']);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-01 16:54:59 +0000