From 24c5442c7804f46ac0385d61afc5e20d4efb35d5 Mon Sep 17 00:00:00 2001
From: Sebastian Kippe <sebastian@kip.pe>
Date: Wed, 29 Feb 2012 18:44:49 +0100
Subject: [PATCH] Don't authorize OPTIONS requests, allow Origin request header

---
 liquor-cabinet.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/liquor-cabinet.rb b/liquor-cabinet.rb
index 0f72087..7c4b7f9 100644
--- a/liquor-cabinet.rb
+++ b/liquor-cabinet.rb
@@ -30,12 +30,12 @@ class LiquorCabinet < Sinatra::Base
   before "/:user/:category/:key" do
     headers 'Access-Control-Allow-Origin' => '*',
             'Access-Control-Allow-Methods' => 'GET, PUT, DELETE',
-            'Access-Control-Allow-Headers' => 'Authorization, Content-Type'
+            'Access-Control-Allow-Headers' => 'Authorization, Content-Type, Origin'
 
     @user, @category, @key = params[:user], params[:category], params[:key]
     token = env["HTTP_AUTHORIZATION"] ? env["HTTP_AUTHORIZATION"].split(" ")[1] : ""
 
-    authorize_request(@user, @category, token)
+    authorize_request(@user, @category, token) unless request.options?
   end
 
   get "/ohai" do