Improve CORS Change-Id: Id63a809fb235bfa25942188318f31eeb520adc05

commit: 5b6d727f4a0d7f7a5a9353e0b2e40c3d9ff57d2e [log] [tgz]
author: Akron <nils@diewald-online.de> Thu Jan 21 11:26:02 2021 +0100
committer: Akron <nils@diewald-online.de> Thu Jan 28 12:24:34 2021 +0100
tree: b2633054f55d458a8746d711127dfec9bfd08fe4
parent: f4f26631280c5a1855dcddec01877b2260854a6c [diff] [blame]
diff --git a/lib/Kalamar.pm b/lib/Kalamar.pm
index 6a6a7cf..8efd919 100644
--- a/lib/Kalamar.pm
+++ b/lib/Kalamar.pm

@@ -110,7 +110,12 @@
 
   $self->hook(
     before_dispatch => sub {
-      shift->res->headers->header('X-Content-Type-Options' => 'nosniff');
+      my $h = shift->res->headers;
+      $h->header('X-Content-Type-Options' => 'nosniff');
+      $h->header(
+        'Access-Control-Allow-Methods' =>
+          $h->header('Access-Control-Allow-Methods') // 'GET, POST, OPTIONS'
+        );
     }
   );
 
@@ -161,6 +166,7 @@
     'default-src' => 'self',
     'style-src' => ['self','unsafe-inline'],
     'script-src' => 'self',
+    'connect-src' => 'self',
     'frame-src' => '*',
     'media-src' => 'none',
     'object-src' => 'self',
commit	5b6d727f4a0d7f7a5a9353e0b2e40c3d9ff57d2e	[log] [tgz]
author	Akron <nils@diewald-online.de>	Thu Jan 21 11:26:02 2021 +0100
committer	Akron <nils@diewald-online.de>	Thu Jan 28 12:24:34 2021 +0100
tree	b2633054f55d458a8746d711127dfec9bfd08fe4
parent	f4f26631280c5a1855dcddec01877b2260854a6c [diff] [blame]