diff --git a/lib/api/middlewares/cors.js b/lib/api/middlewares/cors.js index 60df813d..6a552063 100644 --- a/lib/api/middlewares/cors.js +++ b/lib/api/middlewares/cors.js @@ -7,9 +7,9 @@ module.exports = function cors () { 'X-Prototype-Version', 'X-CSRF-Token', 'Authorization', - 'Carto-Source-Lib', - 'Carto-Source-Context', - 'Carto-Source-Context-Id' + 'Carto-Event', + 'Carto-Event-Source', + 'Carto-Event-Group-Id' ]; if (req.method === 'OPTIONS') { diff --git a/test/acceptance/ported/attributes-test.js b/test/acceptance/ported/attributes-test.js index c08bb6fb..8f5e70d0 100644 --- a/test/acceptance/ported/attributes-test.js +++ b/test/acceptance/ported/attributes-test.js @@ -43,7 +43,7 @@ describe('attributes', function () { assert.strictEqual( res.headers['access-control-allow-headers'], 'X-Requested-With, X-Prototype-Version, X-CSRF-Token, Authorization, ' + - 'Carto-Source-Lib, Carto-Source-Context, Carto-Source-Context-Id' + 'Carto-Event, Carto-Event-Source, Carto-Event-Group-Id' ); assert.strictEqual(res.headers['access-control-allow-origin'], '*'); } diff --git a/test/acceptance/ported/multilayer-test.js b/test/acceptance/ported/multilayer-test.js index 0e093c70..db629f9a 100644 --- a/test/acceptance/ported/multilayer-test.js +++ b/test/acceptance/ported/multilayer-test.js @@ -28,7 +28,7 @@ describe('multilayer', function () { assert.strictEqual( res.headers['access-control-allow-headers'], 'X-Requested-With, X-Prototype-Version, X-CSRF-Token, Authorization, ' + - 'Carto-Source-Lib, Carto-Source-Context, Carto-Source-Context-Id' + 'Carto-Event, Carto-Event-Source, Carto-Event-Group-Id' ); assert.strictEqual(res.headers['access-control-allow-origin'], '*'); } @@ -1034,7 +1034,7 @@ describe('multilayer', function () { it('geting options on layergroup should return CORS headers', function (done) { const allowHeaders = 'X-Requested-With, X-Prototype-Version, X-CSRF-Token, Authorization, ' + - 'Carto-Source-Lib, Carto-Source-Context, Carto-Source-Context-Id, Content-Type'; + 'Carto-Event, Carto-Event-Source, Carto-Event-Group-Id, Content-Type'; assert.response(server, { url: '/api/v1/map', method: 'OPTIONS' diff --git a/test/acceptance/ported/raster-test.js b/test/acceptance/ported/raster-test.js index 9f8a80fc..0e413f8e 100644 --- a/test/acceptance/ported/raster-test.js +++ b/test/acceptance/ported/raster-test.js @@ -20,7 +20,7 @@ describe('raster', function () { assert.strictEqual( res.headers['access-control-allow-headers'], 'X-Requested-With, X-Prototype-Version, X-CSRF-Token, Authorization, ' + - 'Carto-Source-Lib, Carto-Source-Context, Carto-Source-Context-Id' + 'Carto-Event, Carto-Event-Source, Carto-Event-Group-Id' ); assert.strictEqual(res.headers['access-control-allow-origin'], '*'); } diff --git a/test/acceptance/ported/torque-test.js b/test/acceptance/ported/torque-test.js index 6b0d95d3..78d173fe 100644 --- a/test/acceptance/ported/torque-test.js +++ b/test/acceptance/ported/torque-test.js @@ -31,7 +31,7 @@ describe('torque', function () { assert.strictEqual( res.headers['access-control-allow-headers'], 'X-Requested-With, X-Prototype-Version, X-CSRF-Token, Authorization, ' + - 'Carto-Source-Lib, Carto-Source-Context, Carto-Source-Context-Id' + 'Carto-Event, Carto-Event-Source, Carto-Event-Group-Id' ); assert.strictEqual(res.headers['access-control-allow-origin'], '*'); } diff --git a/test/acceptance/templates-test.js b/test/acceptance/templates-test.js index e4319f60..c7926fe3 100644 --- a/test/acceptance/templates-test.js +++ b/test/acceptance/templates-test.js @@ -304,7 +304,7 @@ describe('template_api', function () { }, function testCORS () { const allowHeaders = 'X-Requested-With, X-Prototype-Version, X-CSRF-Token, Authorization, ' + - 'Carto-Source-Lib, Carto-Source-Context, Carto-Source-Context-Id, Content-Type'; + 'Carto-Event, Carto-Event-Source, Carto-Event-Group-Id, Content-Type'; assert.response(server, { url: '/api/v1/map/named/acceptance1', method: 'OPTIONS'