From: David Lawrence Date: Wed, 11 Mar 2015 16:16:31 +0000 (+0000) Subject: Bug 1141440: OPTION response for CORS requests to REST doesn't allow X-Bugzilla headers X-Git-Tag: release-5.1.1~335 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=64ad8e38d4e984b216a67d22f147921d1efaaa60;p=thirdparty%2Fbugzilla.git Bug 1141440: OPTION response for CORS requests to REST doesn't allow X-Bugzilla headers - Fixed t/001compile.t error due to tr///r only for 5.14+ --- diff --git a/Bugzilla/WebService/Server/REST.pm b/Bugzilla/WebService/Server/REST.pm index 9c9141c09f..16e0419855 100644 --- a/Bugzilla/WebService/Server/REST.pm +++ b/Bugzilla/WebService/Server/REST.pm @@ -134,8 +134,13 @@ sub response { { rpc => $self, result => \$result, response => $response }); # Access Control - my @allowed_headers = (qw(accept content-type origin x-requested-with), - map { tr/A-Z_/a-z\-/r } keys API_AUTH_HEADERS()); + my @allowed_headers = qw(accept content-type origin x-requested-with); + foreach my $header (keys API_AUTH_HEADERS()) { + # We want to lowercase and replace _ with - + my $translated_header = $header; + $translated_header =~ tr/A-Z_/a-z\-/; + push(@allowed_headers, $translated_header); + } $response->header("Access-Control-Allow-Origin", "*"); $response->header("Access-Control-Allow-Headers", join(', ', @allowed_headers));