From 5d59f8f11f1b03b546f67c1ad2cddabcc261a6fb Mon Sep 17 00:00:00 2001
From: Martin Geno <geno+dev@fireorbit.de>
Date: Tue, 17 May 2016 11:01:29 +0200
Subject: [PATCH] api access controll

---
 api/lib.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/api/lib.go b/api/lib.go
index fcf50e6..727be05 100644
--- a/api/lib.go
+++ b/api/lib.go
@@ -23,6 +23,7 @@ func jsonOutput(w http.ResponseWriter, r *http.Request,data interface{}){
 	}
 	w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
 	w.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
+	w.Header().Set("Access-Control-Allow-Credentials", "true")
 	w.Write(js)
 }
 func BasicAuth(h httprouter.Handle, pass []byte) httprouter.Handle {
@@ -32,6 +33,7 @@ func BasicAuth(h httprouter.Handle, pass []byte) httprouter.Handle {
 			}
 			w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
 			w.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
+			w.Header().Set("Access-Control-Allow-Credentials", "true")
 
 			const basicAuthPrefix string = "Basic "