commit b847af1dbd6e9b0e7746e0919f4abedf1cf19f5f parent 9c209fe6e4ae35c374c3e0b1d97b0a71c8f1160b Author: tobi <31960611+tsmethurst@users.noreply.github.com> Date: Mon, 3 Apr 2023 12:01:24 +0200 [bugfix] Add idempotency-key to allowed CORS headers (#1670) Diffstat:
| M | internal/middleware/cors.go | | | 5 | +++++ |
1 file changed, 5 insertions(+), 0 deletions(-)
diff --git a/internal/middleware/cors.go b/internal/middleware/cors.go @@ -54,6 +54,11 @@ func CORS() gin.HandlerFunc { // needed to pass oauth bearer tokens "Authorization", + // Some clients require this; see: + // - https://docs.joinmastodon.org/methods/statuses/#headers + // - https://github.com/superseriousbusiness/gotosocial/issues/1664 + "Idempotency-Key", + // needed for websocket upgrade requests "Upgrade", "Sec-WebSocket-Extensions",