Added missing CORS headers and xhrFields
This commit is contained in:
parent
6081e42d14
commit
5a2d3313e7
@ -31,6 +31,8 @@
|
|||||||
}))[0];
|
}))[0];
|
||||||
if (($cookieDomain && (is_null($httpOrigin) || $originDomain)) && setcookie('JWT', $queryString['token'], (time() + $settings->Session['Duration']), '/', '.' . $cookieDomain)) {
|
if (($cookieDomain && (is_null($httpOrigin) || $originDomain)) && setcookie('JWT', $queryString['token'], (time() + $settings->Session['Duration']), '/', '.' . $cookieDomain)) {
|
||||||
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
|
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
|
||||||
|
header('Access-Control-Allow-Credentials: true');
|
||||||
|
header('Access-Control-Max-Age: 86400');
|
||||||
header("HTTP/1.1 202 Accepted");
|
header("HTTP/1.1 202 Accepted");
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
@ -43,6 +43,9 @@ console.log('CrossDomainLogin initiated');
|
|||||||
XHR.push($.get({
|
XHR.push($.get({
|
||||||
url: "https://auth." + domain + "/lucidAuth.setXDomainCookie.php",
|
url: "https://auth." + domain + "/lucidAuth.setXDomainCookie.php",
|
||||||
crossDomain: true,
|
crossDomain: true,
|
||||||
|
xhrFields: {
|
||||||
|
withCredentials: true,
|
||||||
|
},
|
||||||
data: {
|
data: {
|
||||||
ref: btoa(JSON.stringify({
|
ref: btoa(JSON.stringify({
|
||||||
action: 'login',
|
action: 'login',
|
||||||
|
Loading…
Reference in New Issue
Block a user