]> git.mxchange.org Git - quix0rs-gnu-social.git/commitdiff
Allow cross-site ajax with CORS.
authorCraig Andrews <candrews@integralblue.com>
Thu, 15 Apr 2010 16:52:59 +0000 (12:52 -0400)
committerCraig Andrews <candrews@integralblue.com>
Thu, 15 Apr 2010 16:52:59 +0000 (12:52 -0400)
Only allows un-credentialed (as in, no cookies or basic auth), no custom headers, and get (no post, put, delete, etc) requests.

lib/apiaction.php

index 5245c7ef609e619de240b09d7dacf78a5e9bab5e..d5580abd3a28945c72b35a798cf86215f4b96b13 100644 (file)
@@ -102,6 +102,7 @@ class ApiAction extends Action
 
     function handle($args)
     {
+        header('Access-Control-Allow-Origin: *');
         parent::handle($args);
     }