tqt
/
Ghost
mirror of https://github.com/TryGhost/Ghost.git
2
1
Fork 0
Code Issues 1 Releases Wiki Activity

🐛 Fixed CORS for errors from Admin API 

refs #10932

Previously we were only applying the cors middleware to the options
preflight request, which meant that if the request errored, the cors
headers would not be applied, resulting in the client being unable to
read response data. This applies the cors middleware to _all_ requests
to the Admin API.
This commit is contained in:
Fabien O'Carroll 2019-07-22 12:41:17 +08:00
parent 2cb41dd8cd
commit 97983baed6
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/server/web/api/v2/admin/routes.js
View File

@ -15,8 +15,7 @@ module.exports = function apiRoutes() {
// alias delete with del
router.del = router.delete;
// ## CORS pre-flight check
router.options('*', shared.middlewares.api.cors);
router.use(shared.middlewares.api.cors);
const http = apiv2.http;