Access-Control-Allow-Headers: Authorization, Content-Type - refs #1922

2025-12-10 16:51:24 +01:00 · 2022-11-30 15:11:16 -08:00 · 2022-11-30 15:11:16 -08:00 · f0fadc28dd
commit f0fadc28dd
parent 418eb7c5c6
3 changed files with 3 additions and 3 deletions
--- a/datasette/utils/init.py
+++ b/datasette/utils/init.py
@ -1129,7 +1129,7 @@ async def derive_named_parameters(db, sql):

 def add_cors_headers(headers):
    headers["Access-Control-Allow-Origin"] = "*"
-    headers["Access-Control-Allow-Headers"] = "Authorization"
+    headers["Access-Control-Allow-Headers"] = "Authorization, Content-Type"
    headers["Access-Control-Expose-Headers"] = "Link"
    headers["Access-Control-Allow-Methods"] = "GET, POST, HEAD, OPTIONS"