From d8f112278b2c515955b90e9ca74b1af9f10d8bb7 Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu <x@xet7.org>
Date: Mon, 10 Jun 2019 18:29:33 +0300
Subject: Additional CORS headers settings, added earlier. In progress.

---
 snap-src/bin/wekan-help | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'snap-src/bin/wekan-help')

diff --git a/snap-src/bin/wekan-help b/snap-src/bin/wekan-help
index 642b6b5f..f8509d4c 100755
--- a/snap-src/bin/wekan-help
+++ b/snap-src/bin/wekan-help
@@ -68,6 +68,16 @@ echo -e "\t$ snap set $SNAP_NAME cors='*'"
 echo -e "\t-Disable the CORS:"
 echo -e "\t$ snap set $SNAP_NAME cors=''"
 echo -e "\n"
+echo -e "To enable the Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API."
+echo -e "\t$ snap set $SNAP_NAME cors-allow-headers='Authorization,Content-Type'"
+echo -e "\t-Disable the Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API."
+echo -e "\t$ snap set $SNAP_NAME cors-allow-headers=''"
+echo -e "\n"
+echo -e "To enable the Set Access-Control-Expose-Headers header.  This is not needed for typical CORS situations. Example: *"
+echo -e "\t$ snap set $SNAP_NAME cors-expose-headers='*'"
+echo -e "\t-Disable the Set Access-Control-Expose-Headers header.  This is not needed for typical CORS situations. Example: ''"
+echo -e "\t$ snap set $SNAP_NAME cors-expose-headers=''"
+echo -e "\n"
 echo -e "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside."
 echo -e "\t\t Setting this to false is not recommended, it also disables all other browser policy protections"
 echo -e "\t\t and allows all iframing etc. See wekan/server/policy.js"
-- 
cgit v1.2.3-1-g7c22