Allow If-Match and If-None-Match headers via CORS

2013-10-27 20:38:27 +01:00 · 2013-10-27 20:38:27 +01:00 · 2a2cc0a3ec
commit 2a2cc0a3ec
parent b907f02f37
2 changed files with 5 additions and 5 deletions
--- a/liquor-cabinet.rb
+++ b/liquor-cabinet.rb
@ -42,7 +42,7 @@ class LiquorCabinet < Sinatra::Base
    before path do
      headers 'Access-Control-Allow-Origin' => '*',
              'Access-Control-Allow-Methods' => 'GET, PUT, DELETE',
-              'Access-Control-Allow-Headers' => 'Authorization, Content-Type, Origin'
+              'Access-Control-Allow-Headers' => 'Authorization, Content-Type, Origin, If-Match, If-None-Match',
      headers['Access-Control-Allow-Origin'] = env["HTTP_ORIGIN"] if env["HTTP_ORIGIN"]
      headers['Cache-Control'] = 'no-cache'

--- a/spec/directories_spec.rb
+++ b/spec/directories_spec.rb
@ -62,7 +62,7 @@ describe "Directories" do
      last_response.status.must_equal 200
      last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
      last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
-      last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin"
+      last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
    end

    context "when If-None-Match header is set" do
@ -437,7 +437,7 @@ describe "Directories" do

      last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
      last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
-      last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin"
+      last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
    end

    context "sub-directories" do
@ -448,7 +448,7 @@ describe "Directories" do

        last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
        last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
-        last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin"
+        last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
      end
    end

@ -460,7 +460,7 @@ describe "Directories" do

        last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
        last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
-        last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin"
+        last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
      end
    end
  end