From dec43f5e77dc34f71879a40839ac6f7ffe369c13 Mon Sep 17 00:00:00 2001
From: Bernhard Posselt <nukeawhale@gmail.com>
Date: Wed, 28 Aug 2013 23:50:59 +0200
Subject: also allow authorization header

---
 external/newsapi.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'external')

diff --git a/external/newsapi.php b/external/newsapi.php
index 7e8d901d0..07c2db43d 100644
--- a/external/newsapi.php
+++ b/external/newsapi.php
@@ -82,6 +82,7 @@ class NewsAPI extends Controller {
 		$response->addHeader('Access-Control-Allow-Origin', '*');
 		$response->addHeader('Access-Control-Allow-Methods', 'PUT, POST, GET, DELETE');
 		$response->addHeader('Access-Control-Allow-Credentials', 'true');
+		$response->addHeader('Access-Control-Allow-Headers', 'Authorization');
 		$response->addHeader('Access-Control-Max-Age', '1728000');
 		return $response;
 	}
-- 
cgit v1.2.3