From 2090a189035a0e8976be5c48b39ba483a7ccf9c9 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Thu, 24 Feb 2022 11:05:53 -0500 Subject: [PATCH] fix(cors): allow Content-Type headers --- .../io/cryostat/net/web/http/generic/CorsEnablingHandler.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/main/java/io/cryostat/net/web/http/generic/CorsEnablingHandler.java b/src/main/java/io/cryostat/net/web/http/generic/CorsEnablingHandler.java index 28cc443a4b..e3fded0879 100644 --- a/src/main/java/io/cryostat/net/web/http/generic/CorsEnablingHandler.java +++ b/src/main/java/io/cryostat/net/web/http/generic/CorsEnablingHandler.java @@ -52,6 +52,7 @@ import io.vertx.core.http.HttpMethod; import io.vertx.ext.web.RoutingContext; import io.vertx.ext.web.handler.CorsHandler; +import org.apache.http.HttpHeaders; class CorsEnablingHandler implements RequestHandler { protected static final String DEV_ORIGIN = "http://localhost:9000"; @@ -63,8 +64,9 @@ class CorsEnablingHandler implements RequestHandler { this.env = env; this.corsHandler = CorsHandler.create(getOrigin()) - .allowedHeader("Authorization") + .allowedHeader(HttpHeaders.AUTHORIZATION) .allowedHeader(AbstractAuthenticatedRequestHandler.JMX_AUTHORIZATION_HEADER) + .allowedHeader(HttpHeaders.CONTENT_TYPE) .allowedMethod(HttpMethod.GET) .allowedMethod(HttpMethod.POST) .allowedMethod(HttpMethod.PATCH)