From 97983baed6750312e8cce91c3172f9f5919f70a6 Mon Sep 17 00:00:00 2001 From: Fabien O'Carroll Date: Mon, 22 Jul 2019 12:41:17 +0800 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Fixed=20CORS=20for=20errors=20fr?= =?UTF-8?q?om=20Admin=20API?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit refs #10932 Previously we were only applying the cors middleware to the options preflight request, which meant that if the request errored, the cors headers would not be applied, resulting in the client being unable to read response data. This applies the cors middleware to _all_ requests to the Admin API. --- core/server/web/api/v2/admin/routes.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/core/server/web/api/v2/admin/routes.js b/core/server/web/api/v2/admin/routes.js index 412bcefe94..8742ca5115 100644 --- a/core/server/web/api/v2/admin/routes.js +++ b/core/server/web/api/v2/admin/routes.js @@ -15,8 +15,7 @@ module.exports = function apiRoutes() { // alias delete with del router.del = router.delete; - // ## CORS pre-flight check - router.options('*', shared.middlewares.api.cors); + router.use(shared.middlewares.api.cors); const http = apiv2.http;