Add Access-Control-Allow-Methods header

Add the Access-Control-Allow-Methods header so that DELETE operations are allowed. Also move the write CORS headers method before docker writes a 404 not found so that the client receives the correct response and not an invalid CORS request.
2013-06-09 17:17:35 -09:00 · 2013-06-09 17:17:35 -09:00 · 393e873d25
parent 6d5bdff394
commit 393e873d25
1 changed files with 4 additions and 3 deletions
--- a/api.go
+++ b/api.go
@ -706,6 +706,7 @@ func postBuild(srv *Server, version float64, w http.ResponseWriter, r *http.Requ
 func writeCorsHeaders(w http.ResponseWriter, r *http.Request) {
 	w.Header().Add("Access-Control-Allow-Origin", "*")
 	w.Header().Add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept")
+	w.Header().Add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS")
 }

 func ListenAndServe(addr string, srv *Server, logging bool) error {
@ -774,13 +775,13 @@ func ListenAndServe(addr string, srv *Server, logging bool) error {
 				if err != nil {
 					version = API_VERSION
 				}
+				if srv.enableCors {
+					writeCorsHeaders(w, r)
+				}
 				if version == 0 || version > API_VERSION {
 					w.WriteHeader(http.StatusNotFound)
 					return
 				}
-				if srv.enableCors {
-					writeCorsHeaders(w, r)
-				}
 				if err := localFct(srv, version, w, r, mux.Vars(r)); err != nil {
 					httpError(w, err)
 				}