fix: set CORS 'Access-Control-Max-Age' header to 86400 seconds

rahearn · Apr 13, 2020 · 3883c24 · 3883c24
1 parent 8f7280f
commit 3883c24
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/api/api.go b/api/api.go
@@ -126,6 +126,7 @@ func NewAPIWithVersion(ctx context.Context, globalConfig *conf.GlobalConfigurati
  AllowedMethods: []string{http.MethodGet, http.MethodHead, http.MethodPost, http.MethodPut, http.MethodDelete, http.MethodPatch},
  AllowedHeaders: []string{"Accept", "Authorization", "Private-Token", "Content-Type", audHeaderName},
  AllowCredentials: true,
+ MaxAge: 86400,
  })
 
  api.handler = corsHandler.Handler(chi.ServerBaseContext(r, ctx))