Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2026-01-06 01:28:49 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Additional CORS headers settings, added earlier. In progress.

Browse source
This commit is contained in:
Lauri Ojansivu 2019-06-10 18:29:33 +03:00
parent 5c1818fc9a
commit d8f112278b
2 changed files with 19 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

10
snap-src/bin/wekan-help
View file

@ -68,6 +68,16 @@ echo -e "\t$ snap set $SNAP_NAME cors='*'"
echo -e "\t-Disable the CORS:"
echo -e "\t$ snap set $SNAP_NAME cors=''"
echo -e "\n"
echo -e "To enable the Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API."
echo -e "\t$ snap set $SNAP_NAME cors-allow-headers='Authorization,Content-Type'"
echo -e "\t-Disable the Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API."
echo -e "\t$ snap set $SNAP_NAME cors-allow-headers=''"
echo -e "\n"
echo -e "To enable the Set Access-Control-Expose-Headers header. This is not needed for typical CORS situations. Example: *"
echo -e "\t$ snap set $SNAP_NAME cors-expose-headers='*'"
echo -e "\t-Disable the Set Access-Control-Expose-Headers header. This is not needed for typical CORS situations. Example: ''"
echo -e "\t$ snap set $SNAP_NAME cors-expose-headers=''"
echo -e "\n"
echo -e "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside."
echo -e "\t\t Setting this to false is not recommended, it also disables all other browser policy protections"
echo -e "\t\t and allows all iframing etc. See wekan/server/policy.js"