[bugfix] Add idempotency-key to allowed CORS headers (#1670)

author: tobi <31960611+tsmethurst@users.noreply.github.com> 2023-04-03 12:01:24 +0200
committer: GitHub <noreply@github.com> 2023-04-03 12:01:24 +0200
commit: b847af1dbd6e9b0e7746e0919f4abedf1cf19f5f (patch)
tree: d41991afd54176f41bdd12df089c21cb19c1d813
parent: [chore]: Bump modernc.org/sqlite from 1.21.0 to 1.21.1 (#1669) (diff)
download: gotosocial-b847af1dbd6e9b0e7746e0919f4abedf1cf19f5f.tar.xz
1 files changed, 5 insertions, 0 deletions
diff --git a/internal/middleware/cors.go b/internal/middleware/cors.go
index 1b7747c3a..22e2e81d5 100644
--- a/internal/middleware/cors.go
+++ b/internal/middleware/cors.go
@@ -54,6 +54,11 @@ func CORS() gin.HandlerFunc {
 			// needed to pass oauth bearer tokens
 			"Authorization",
 
+			// Some clients require this; see:
+			//   - https://docs.joinmastodon.org/methods/statuses/#headers
+			//   - https://github.com/superseriousbusiness/gotosocial/issues/1664
+			"Idempotency-Key",
+
 			// needed for websocket upgrade requests
 			"Upgrade",
 			"Sec-WebSocket-Extensions",
author	tobi <31960611+tsmethurst@users.noreply.github.com>	2023-04-03 12:01:24 +0200
committer	GitHub <noreply@github.com>	2023-04-03 12:01:24 +0200
commit	b847af1dbd6e9b0e7746e0919f4abedf1cf19f5f (patch)
tree	d41991afd54176f41bdd12df089c21cb19c1d813
parent	[chore]: Bump modernc.org/sqlite from 1.21.0 to 1.21.1 (#1669) (diff)
download	gotosocial-b847af1dbd6e9b0e7746e0919f4abedf1cf19f5f.tar.xz