31cb8c38 by Jeff Balicki

c

1 parent 760edf3c
......@@ -23,9 +23,10 @@ class Cors
'Access-Control-Allow-Headers'=> 'Content-Type, X-Auth-Token, Origin',
'Access-Control-Max-Age'=> '28800'
];
if($request->getMethod() == "OPTIONS") {
// The client-side application can set only headers allowed in Access-Control-Allow-Headers
return Response::make('OK', 200, $headers);
}
$response = $next($request);
foreach($headers as $key => $value)
......