🐛 Added CORS support to the v2 Content API (#10257)

no-issue

When trying to use /api/v2/content from a different domain, the requests
were failing with CORS errors. This doesn't use the shared cors middleware,
because it should be open to all hosts, and not locked down via our
whitelist or trusted domains.
This commit is contained in:
Fabien O'Carroll 2018-12-11 11:44:12 +07:00 committed by GitHub
parent 31269de7c3
commit dcfaecfe92
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,10 +1,13 @@
const express = require('express');
const cors = require('cors');
const apiv2 = require('../../../../api/v2');
const mw = require('./middleware');
module.exports = function apiRoutes() {
const router = express.Router();
router.options('*', cors());
// ## Posts
router.get('/posts', mw.authenticatePublic, apiv2.http(apiv2.posts.browse));
router.get('/posts/:id', mw.authenticatePublic, apiv2.http(apiv2.posts.read));