From bbf890328ce1f66b2de5dd7de0d9fd90e16d536a Mon Sep 17 00:00:00 2001
From: vlad <vlad@driver.xyz>
Date: Thu, 15 Jun 2017 15:00:29 -0700
Subject: More CORS allowed headers

---
 src/main/scala/xyz/driver/core/app.scala | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/src/main/scala/xyz/driver/core/app.scala b/src/main/scala/xyz/driver/core/app.scala
index b3eb821..50e8847 100644
--- a/src/main/scala/xyz/driver/core/app.scala
+++ b/src/main/scala/xyz/driver/core/app.scala
@@ -70,7 +70,25 @@ object app {
       request.headers.find(_.name().toLowerCase === headerName).map(_.value())
 
     private val allowHeaders =
-      `Access-Control-Allow-Headers`("Origin", "X-Requested-With", "Content-Type", "Accept")
+      `Access-Control-Allow-Headers`(
+        "Origin",
+        "X-Requested-With",
+        "Content-Type",
+        "Content-Length",
+        "Accept",
+        "X-Trace",
+        "Access-Control-Allow-Origin",
+        "Access-Control-Allow-Headers",
+        "Server",
+        "Date",
+        ContextHeaders.TrackingIdHeader,
+        ContextHeaders.StacktraceHeader,
+        "X-Frame-Options",
+        "X-Content-Type-Options",
+        "Strict-Transport-Security",
+        AuthProvider.SetAuthenticationTokenHeader,
+        AuthProvider.SetPermissionsTokenHeader
+      )
 
     private def allowOrigin(originHeader: Option[Origin]) =
       `Access-Control-Allow-Origin`(
-- 
cgit v1.2.3