From f0ce1d74f5c52edd928142c19cf19176ad7fff41 Mon Sep 17 00:00:00 2001
From: Bernhard Posselt <nukeawhale@gmail.com>
Date: Thu, 29 Aug 2013 00:51:48 +0200
Subject: use cors headers in options request

---
 external/newsapi.php | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'external')

diff --git a/external/newsapi.php b/external/newsapi.php
index 07c2db43d..388cdd116 100644
--- a/external/newsapi.php
+++ b/external/newsapi.php
@@ -30,6 +30,7 @@ use \OCA\AppFramework\Controller\Controller;
 use \OCA\AppFramework\Http\Request;
 use \OCA\AppFramework\Http\JSONResponse;
 use \OCA\AppFramework\Http\Response;
+use \OCA\AppFramework\Http\Http;
 
 use \OCA\News\Utility\Updater;
 
@@ -79,11 +80,13 @@ class NewsAPI extends Controller {
 	public function cors() {
 		// needed for webapps access due to cross origin request policy
 		$response = new Response();
+		$response->setStatus(Http::STATUS_UNAUTHORIZED);
 		$response->addHeader('Access-Control-Allow-Origin', '*');
 		$response->addHeader('Access-Control-Allow-Methods', 'PUT, POST, GET, DELETE');
 		$response->addHeader('Access-Control-Allow-Credentials', 'true');
 		$response->addHeader('Access-Control-Allow-Headers', 'Authorization');
 		$response->addHeader('Access-Control-Max-Age', '1728000');
+		$response->addHeader('WWW-Authenticate', 'Basic realm="ownCloud News"');
 		return $response;
 	}
 
-- 
cgit v1.2.3