fix: Configure CORS properly to allow authorization and content-type …

…header
ReVanced · Sep 29, 2024 · 6442757 · 6442757
1 parent 710416f
commit 6442757
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/src/main/kotlin/app/revanced/api/configuration/HTTP.kt b/src/main/kotlin/app/revanced/api/configuration/HTTP.kt
@@ -1,6 +1,7 @@
 package app.revanced.api.configuration
 
 import app.revanced.api.configuration.repository.ConfigurationRepository
+import io.ktor.http.*
 import io.ktor.server.application.*
 import io.ktor.server.plugins.*
 import io.ktor.server.plugins.cors.routing.*
@@ -13,6 +14,11 @@ fun Application.configureHTTP() {
     val configurationRepository = get<ConfigurationRepository>()
 
     install(CORS) {
+        allowHeader(HttpHeaders.ContentType)
+        allowHeader(HttpHeaders.Authorization)
+
+        allowCredentials = true
+
         configurationRepository.corsAllowedHosts.forEach { host ->
             allowHost(
                 host = host,