Add Idempotency-Key to allowed CORS header (#618)

It's used by other web clients, so should improve compatibility.
This commit is contained in:
Henri Dickson 2023-07-24 20:54:58 -04:00 committed by GitHub
parent f3bab95827
commit 1b7bb8c501
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -9,6 +9,7 @@ import dj_database_url
import django_cache_url
import httpx
import sentry_sdk
from corsheaders.defaults import default_headers
from pydantic import AnyUrl, BaseSettings, EmailStr, Field, validator
from sentry_sdk.integrations.django import DjangoIntegration
@ -338,6 +339,7 @@ CORS_ORIGIN_WHITELIST = SETUP.CORS_HOSTS
CORS_ALLOW_CREDENTIALS = True
CORS_PREFLIGHT_MAX_AGE = 604800
CORS_EXPOSE_HEADERS = ("link",)
CORS_ALLOW_HEADERS = (*default_headers, "Idempotency-Key")
JSONLD_MAX_SIZE = 1024 * 50 # 50 KB