From eb043307871d95bb9995c23d752f15d764b9d1bf Mon Sep 17 00:00:00 2001
From: Simon Heider <simon.heider@gmx.at>
Date: Mon, 26 Aug 2024 15:28:37 +0200
Subject: [PATCH] some cors changes again

---
 app.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app.js b/app.js
index c5fe8f3..56047b8 100644
--- a/app.js
+++ b/app.js
@@ -17,10 +17,11 @@ var app = express();
 const corsOptions = {
   origin: '*',  // Allow requests only from your frontend's origin
   methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],  // Allow these HTTP methods
-  allowedHeaders: ['Content-Type', 'Authorization'],  // Allow these headers
+  allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With'],  // Allow these headers
   credentials: true  // Allow credentials if you are using them (e.g., cookies, authentication)
 };
 app.use(cors(corsOptions));
+app.options('*', cors(corsOptions)); // Handle preflight requests
 
 // view engine setup
 app.set('views', path.join(__dirname, 'views'));