9187aa669d
The Authorization header needs to be allowed when doing CORS because otherwise /userinfo can't work. It isn't one of the headers explicitly allowed by default by Gorilla, so we have to call handlers.AllowedHeaders() to specify it. Issues: #1532 Signed-off-by: Alastair Houghton <alastair@alastairs-place.net> |
||
---|---|---|
.. | ||
internal | ||
api_test.go | ||
api.go | ||
deviceflowhandlers_test.go | ||
deviceflowhandlers.go | ||
doc.go | ||
handlers_test.go | ||
handlers.go | ||
oauth2_test.go | ||
oauth2.go | ||
rotation_test.go | ||
rotation.go | ||
server_test.go | ||
server.go | ||
templates_test.go | ||
templates.go |