Added missing CORS headers and xhrFields
This commit is contained in:
		| @@ -31,6 +31,8 @@ | |||||||
|                     }))[0]; |                     }))[0]; | ||||||
|                     if (($cookieDomain && (is_null($httpOrigin) || $originDomain)) && setcookie('JWT', $queryString['token'], (time() + $settings->Session['Duration']), '/', '.' . $cookieDomain)) { |                     if (($cookieDomain && (is_null($httpOrigin) || $originDomain)) && setcookie('JWT', $queryString['token'], (time() + $settings->Session['Duration']), '/', '.' . $cookieDomain)) { | ||||||
|                         header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}"); |                         header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}"); | ||||||
|  |                         header('Access-Control-Allow-Credentials: true'); | ||||||
|  |                         header('Access-Control-Max-Age: 86400'); | ||||||
|                         header("HTTP/1.1 202 Accepted"); |                         header("HTTP/1.1 202 Accepted"); | ||||||
|                         exit; |                         exit; | ||||||
|                     } |                     } | ||||||
|   | |||||||
| @@ -43,6 +43,9 @@ console.log('CrossDomainLogin initiated'); | |||||||
|                             XHR.push($.get({ |                             XHR.push($.get({ | ||||||
|                                 url: "https://auth." + domain + "/lucidAuth.setXDomainCookie.php", |                                 url: "https://auth." + domain + "/lucidAuth.setXDomainCookie.php", | ||||||
|                                 crossDomain: true, |                                 crossDomain: true, | ||||||
|  |                                 xhrFields: { | ||||||
|  |                                     withCredentials: true, | ||||||
|  |                                 }, | ||||||
|                                 data: { |                                 data: { | ||||||
|                                     ref: btoa(JSON.stringify({ |                                     ref: btoa(JSON.stringify({ | ||||||
|                                         action: 'login', |                                         action: 'login', | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user