diff sat/plugins/plugin_comp_file_sharing.py @ 3340:2ad14b834730

component file sharing: added `Access-Control-Expose-Headers` CORS header: without this header, the range header in response was not exposed to client. This could cause trouble is a javascript application was needing to access it.
author Goffi <goffi@goffi.org>
date Sat, 15 Aug 2020 20:28:07 +0200
parents b1e9f17fbb5a
children 12c427156cac
line wrap: on
line diff
--- a/sat/plugins/plugin_comp_file_sharing.py	Thu Aug 13 23:46:18 2020 +0200
+++ b/sat/plugins/plugin_comp_file_sharing.py	Sat Aug 15 20:28:07 2020 +0200
@@ -115,8 +115,15 @@
     def render(self, request):
         request.setHeader("Access-Control-Allow-Origin", "*")
         request.setHeader("Access-Control-Allow-Methods", "OPTIONS, HEAD, GET, PUT")
-        request.setHeader("Access-Control-Allow-Headers", "Content-Type, Xmpp-File-Path, Xmpp-File-No-Http")
+        request.setHeader(
+            "Access-Control-Allow-Headers",
+            "Content-Type, Range, Xmpp-File-Path, Xmpp-File-No-Http")
         request.setHeader("Access-Control-Allow-Credentials", "true")
+        request.setHeader("Accept-Ranges", "bytes")
+
+        request.setHeader(
+            "Access-Control-Expose-Headers",
+            "Date, Content-Length, Content-Range")
         return super().render(request)
 
     def render_OPTIONS(self, request):