Add Access-Control-Allow-Credentials to the CORS headers.
This commit is contained in:
parent
5bee6887cf
commit
2f30ce79c8
|
@ -15,6 +15,7 @@ if GlobalSetting.enable_cors && GlobalSetting.cors_origin.present?
|
|||
end
|
||||
|
||||
headers['Access-Control-Allow-Origin'] = origin || @origins[0]
|
||||
headers['Access-Control-Allow-Credentials'] = "true"
|
||||
[status,headers,body]
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue