set Access-Control-Allow-Credentials if available

2022-09-07 14:46:29 +02:00
parent 8b9ad5d079
commit 9f64692ede
3 changed files with 25 additions and 4 deletions
--- a/winixd/functions/functionbase.cpp
+++ b/winixd/functions/functionbase.cpp
@@ -170,6 +170,12 @@ bool FunctionBase::IsCorsOriginAvailable(const std::wstring & origin_url)
 }


+bool FunctionBase::AreCorsCredentialsAvailable()
+{
+	return true;
+}
+
+
 bool FunctionBase::AreCorsHeadersAvailable(const std::wstring & headers)
 {
 	// true by default for all headers
@@ -227,6 +233,13 @@ void FunctionBase::AddAccessControlMaxAgeHeader()
 }


+void FunctionBase::AddAccessControlAllowCredentialsHeader()
+{
+	cur->request->AddHeader(Header::access_control_allow_credentials, L"true");
+}
+
+
+
 void FunctionBase::MakeGet()
 {
 	// do nothing by default
@@ -293,6 +306,11 @@ void FunctionBase::MakeOptions()
 			AddAccessControlAllowOriginHeader(*cors_origin->get_wstr());
 			AddAccessControlMaxAgeHeader();

+			if( AreCorsCredentialsAvailable() )
+			{
+				AddAccessControlAllowCredentialsHeader();
+			}
+
 			if( cors_headers && cors_headers->is_wstr() )
 			{
 				AddAccessControlAllowHeadersHeader(*cors_headers->get_wstr());