Allow all headers with CORS

liquor-cabinet.rb

@@ -29,7 +29,8 @@ class LiquorCabinet < Sinatra::Base
 
   before "/:user/:category/:key" do
     headers 'Access-Control-Allow-Origin' => '*',
-            'Access-Control-Allow-Methods' => 'GET, PUT, DELETE'
+            'Access-Control-Allow-Methods' => 'GET, PUT, DELETE',
+            'Access-Control-Allow-Headers' => 'Authorization'
 
     @user, @category, @key = params[:user], params[:category], params[:key]
     token = env["HTTP_AUTHORIZATION"] ? env["HTTP_AUTHORIZATION"].split(" ")[1] : ""