Added missing CORS headers and xhrFields
This commit is contained in:
		| @@ -31,6 +31,8 @@ | ||||
|                     }))[0]; | ||||
|                     if (($cookieDomain && (is_null($httpOrigin) || $originDomain)) && setcookie('JWT', $queryString['token'], (time() + $settings->Session['Duration']), '/', '.' . $cookieDomain)) { | ||||
|                         header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}"); | ||||
|                         header('Access-Control-Allow-Credentials: true'); | ||||
|                         header('Access-Control-Max-Age: 86400'); | ||||
|                         header("HTTP/1.1 202 Accepted"); | ||||
|                         exit; | ||||
|                     } | ||||
|   | ||||
| @@ -43,6 +43,9 @@ console.log('CrossDomainLogin initiated'); | ||||
|                             XHR.push($.get({ | ||||
|                                 url: "https://auth." + domain + "/lucidAuth.setXDomainCookie.php", | ||||
|                                 crossDomain: true, | ||||
|                                 xhrFields: { | ||||
|                                     withCredentials: true, | ||||
|                                 }, | ||||
|                                 data: { | ||||
|                                     ref: btoa(JSON.stringify({ | ||||
|                                         action: 'login', | ||||
|   | ||||
		Reference in New Issue
	
	Block a user