Allow all incoming headers for auth request (#46)

railwayapp · Oct 29, 2020 · 4d63813 · 4d63813
1 parent 8b2be22
commit 4d63813
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/controller/user.go b/controller/user.go
@@ -92,7 +92,7 @@ func (c *Controller) browserBasedLogin(ctx context.Context) (*entity.User, error
 				w.Write(byteRes)
 			} else if r.Method == http.MethodOptions {
 				w.Header().Set("Access-Control-Allow-Methods", "GET, HEAD, PUT, PATCH, POST, DELETE")
-				w.Header().Set("Access-Control-Allow-Headers", "authorization")
+				w.Header().Set("Access-Control-Allow-Headers", "*")
 				w.Header().Set("Content-Length", "0")
 				w.WriteHeader(204)
 				return