RepoMirrors
/
prometheus
mirror of https://github.com/prometheus/prometheus
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Disallow cross-origin DELETE and POST requests.

This commit is contained in:
Julius Volz 2015-06-24 17:26:49 +02:00
parent 364003c444
commit bc1c789bab
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/api/v1/api.go
View File

@ -65,7 +65,7 @@ type API struct {
// Enables cross-site script calls. // Enables cross-site script calls.
func setCORS(w http.ResponseWriter) { func setCORS(w http.ResponseWriter) {
w.Header().Set("Access-Control-Allow-Headers", "Accept, Authorization, Content-Type, Origin") w.Header().Set("Access-Control-Allow-Headers", "Accept, Authorization, Content-Type, Origin")
w.Header().Set("Access-Control-Allow-Methods", "GET, POST, DELETE") w.Header().Set("Access-Control-Allow-Methods", "GET")
w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Expose-Headers", "Date") w.Header().Set("Access-Control-Expose-Headers", "Date")
} }