From: Alexander Moisseev <moiseev@mezonplus.ru>
Date: Wed, 7 May 2025 15:29:05 +0000 (+0300)
Subject: [Fix] Allow 'Hash' in Access-Control-Allow-Headers
X-Git-Tag: 3.12.0~28^2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f22b6d863e064540c011fa8006b19232e97bf09b;p=thirdparty%2Frspamd.git

[Fix] Allow 'Hash' in Access-Control-Allow-Headers

so clients can include the Hash header in CORS preflight requests
to /fuzzydelhash endpoint.
---

diff --git a/src/controller.c b/src/controller.c
index 22423e9990..c64835038b 100644
--- a/src/controller.c
+++ b/src/controller.c
@@ -3291,7 +3291,7 @@ rspamd_controller_handle_unknown(struct rspamd_http_connection_entry *conn_ent,
 		rspamd_http_message_add_header(rep, "Access-Control-Allow-Methods",
 									   "POST, GET, OPTIONS");
 		rspamd_http_message_add_header(rep, "Access-Control-Allow-Headers",
-									   "Content-Type,Password,Map,Weight,Flag");
+									   "Content-Type,Password,Map,Weight,Flag,Hash");
 		rspamd_http_connection_reset(conn_ent->conn);
 		rspamd_http_router_insert_headers(conn_ent->rt, rep);
 		rspamd_http_connection_write_message(conn_ent->conn,