From f9aae7af6aa1392cf8d9fb6ea80fdbc8dec32157 Mon Sep 17 00:00:00 2001
From: Neil Lalonde <neillalonde@gmail.com>
Date: Mon, 6 Mar 2017 14:41:57 -0500
Subject: [PATCH] FIX: add Discourse-Visible to CORS allowed headers for sites
 that use a proxy

---
 config/initializers/008-rack-cors.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/initializers/008-rack-cors.rb b/config/initializers/008-rack-cors.rb
index c5d476f715b..4864b961f67 100644
--- a/config/initializers/008-rack-cors.rb
+++ b/config/initializers/008-rack-cors.rb
@@ -29,7 +29,7 @@ if GlobalSetting.enable_cors
         end
 
         headers['Access-Control-Allow-Origin'] = origin || cors_origins[0]
-        headers['Access-Control-Allow-Headers'] = 'X-Requested-With, X-CSRF-Token'
+        headers['Access-Control-Allow-Headers'] = 'X-Requested-With, X-CSRF-Token, Discourse-Visible'
         headers['Access-Control-Allow-Credentials'] = 'true'
       end