From: Galen Charlton <gmc@esilibrary.com>
Date: Thu, 21 Aug 2014 17:02:14 +0000 (-0700)
Subject: LP#1002028: set Access-Control-Expose-Headers
X-Git-Tag: osrf_rel_2_4_0-alpha~3
X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=e8f78636586aeca15632bcfbf0cae20beb2d66a6;p=OpenSRF.git

LP#1002028: set Access-Control-Expose-Headers

This allows the OpenSRF JavaScript client library (or
to be precise, one that has been modified to direct
requests at a different domain) to take advantage of CORS
support.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
---

diff --git a/src/gateway/apachetools.c b/src/gateway/apachetools.c
index e7343dd..d3975d3 100644
--- a/src/gateway/apachetools.c
+++ b/src/gateway/apachetools.c
@@ -201,6 +201,7 @@ int crossOriginHeaders(request_rec* r, osrfStringArray* allowedOrigins) {
 	apr_table_set(r->headers_out, "Access-Control-Allow-Origin", origin);
 	apr_table_set(r->headers_out, "Access-Control-Allow-Methods", "POST,OPTIONS");
 	apr_table_set(r->headers_out, "Access-Control-Allow-Headers", OSRF_HTTP_ALL_HEADERS);
+	apr_table_set(r->headers_out, "Access-Control-Expose-Headers", OSRF_HTTP_ALL_HEADERS);
 
 	osrfLogInfo(OSRF_LOG_MARK, "Set cross-origin headers for request from %s", origin);