Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS - refs #1922

2025-12-10 16:51:24 +01:00 · 2022-11-30 12:25:12 -08:00 · 2022-11-30 12:25:12 -08:00 · 6bfd71f5c6
commit 6bfd71f5c6
parent 4c18730e71
3 changed files with 4 additions and 0 deletions
--- a/docs/json_api.rst
+++ b/docs/json_api.rst
@ -15,6 +15,7 @@ served with the following additional HTTP headers::
    Access-Control-Allow-Origin: *
    Access-Control-Allow-Headers: Authorization
    Access-Control-Expose-Headers: Link
+    Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS

 This means JavaScript running on any domain will be able to make cross-origin
 requests to fetch the data.