From 393e873d25093f579d1a293bc473007b04f3c239 Mon Sep 17 00:00:00 2001
From: Michael Crosby <crosby.michael@gmail.com>
Date: Sun, 9 Jun 2013 17:17:35 -0900
Subject: [PATCH] Add Access-Control-Allow-Methods header

Add the Access-Control-Allow-Methods header so that
DELETE operations are allowed.

Also move the write CORS headers method before
docker writes a 404 not found so that the client
receives the correct response and not an invalid
CORS request.
---
 api.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/api.go b/api.go
index 978cd296a5..3831f326f2 100644
--- a/api.go
+++ b/api.go
@@ -706,6 +706,7 @@ func postBuild(srv *Server, version float64, w http.ResponseWriter, r *http.Requ
 func writeCorsHeaders(w http.ResponseWriter, r *http.Request) {
 	w.Header().Add("Access-Control-Allow-Origin", "*")
 	w.Header().Add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept")
+	w.Header().Add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS")
 }
 
 func ListenAndServe(addr string, srv *Server, logging bool) error {
@@ -774,13 +775,13 @@ func ListenAndServe(addr string, srv *Server, logging bool) error {
 				if err != nil {
 					version = API_VERSION
 				}
+				if srv.enableCors {
+					writeCorsHeaders(w, r)
+				}
 				if version == 0 || version > API_VERSION {
 					w.WriteHeader(http.StatusNotFound)
 					return
 				}
-				if srv.enableCors {
-					writeCorsHeaders(w, r)
-				}
 				if err := localFct(srv, version, w, r, mux.Vars(r)); err != nil {
 					httpError(w, err)
 				}