Always allow set credentials header

This commit is contained in:
crobibero 2020-08-30 10:05:21 -06:00
parent 3c0484cc97
commit eba0d9e387

View File

@ -52,12 +52,10 @@ namespace Jellyfin.Server.Middleware
&& string.Equals(headerValue, "*", StringComparison.Ordinal)) && string.Equals(headerValue, "*", StringComparison.Ordinal))
{ {
context.Response.Headers[HeaderNames.AccessControlAllowOrigin] = context.Request.Host.Value; context.Response.Headers[HeaderNames.AccessControlAllowOrigin] = context.Request.Host.Value;
_logger.LogDebug("Overwriting CORS response header: {HeaderName}: {HeaderValue}", HeaderNames.AccessControlAllowOrigin, context.Request.Host.Value);
if (!context.Response.Headers.ContainsKey(HeaderNames.AccessControlAllowCredentials)) // Always allow credentials.
{
context.Response.Headers[HeaderNames.AccessControlAllowCredentials] = "true"; context.Response.Headers[HeaderNames.AccessControlAllowCredentials] = "true";
} _logger.LogDebug("Overwriting CORS response header: {HeaderName}: {HeaderValue}", HeaderNames.AccessControlAllowOrigin, context.Request.Host.Value);
} }
} }