From 9e2975c629265befdd425346ed4080d200343ce4 Mon Sep 17 00:00:00 2001
From: Bernhard Posselt <nukeawhale@gmail.com>
Date: Wed, 28 Aug 2013 23:09:07 +0200
Subject: add cors for API

---
 external/newsapi.php | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'external')

diff --git a/external/newsapi.php b/external/newsapi.php
index 07b87f040..8a9dfc2e5 100644
--- a/external/newsapi.php
+++ b/external/newsapi.php
@@ -29,6 +29,7 @@ use \OCA\AppFramework\Core\API;
 use \OCA\AppFramework\Controller\Controller;
 use \OCA\AppFramework\Http\Request;
 use \OCA\AppFramework\Http\JSONResponse;
+use \OCA\AppFramework\Http\Response;
 
 use \OCA\News\Utility\Updater;
 
@@ -65,4 +66,22 @@ class NewsAPI extends Controller {
 		$this->updater->cleanUp();
 	}
 
+
+	/**
+	 * @IsAdminExemption
+	 * @IsSubAdminExemption
+	 * @CSRFExemption
+	 * @IsLoggedInExemption
+	 * @Ajax
+	 */
+	public function cors() {
+		// needed for webapps access due to cross origin request policy
+		$response = new Response();
+		$response->addHeader('Access-Control-Allow-Origin', '*');
+		$response->addHeader('Access-Control-Allow-Methods', 'PUT, POST, GET, DELETE');
+		$response->addHeader('Access-Control-Allow-Credentials', 'true');
+		return $response;
+	}
+
+
 }
-- 
cgit v1.2.3