Added Cache-Control in CORs allowed headers

Some library set this header to avoid caching, but the browser will deny the COR request with `Request header field Cache-Control is not allowed by Access-Control-Allow-Headers in preflight response.`
prose · Jun 27, 2017 · 84fc997 · 84fc997
1 parent 7c6ec06
commit 84fc997
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/server.js b/server.js
@@ -54,7 +54,7 @@ function authenticate(code, cb) {
 app.all('*', function (req, res, next) {
   res.header('Access-Control-Allow-Origin', '*'); 
   res.header('Access-Control-Allow-Methods', 'GET, OPTIONS'); 
-  res.header('Access-Control-Allow-Headers', 'Content-Type');
+  res.header('Access-Control-Allow-Headers', 'Content-Type, Cache-Control');
   next();
 });