bekatom · April 12, 2016 05:28
diff --git a/app.js b/app.js
 function allowCrossDomain(req, res, next) {


    res.header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    res.header('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
    res.header('Access-Control-Allow-Credentials', true);

    var origin = req.headers.origin;
    if (_.contains(config.allowed_origins, origin)) {
        res.setHeader('Access-Control-Allow-Origin', origin);
    }

    if (req.method === 'OPTIONS') {
        res.send(200);
    } else {
        next();
    }
 }

 app.use(allowCrossDomain);
	function allowCrossDomain(req, res, next) {


	res.header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
	res.header('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
	res.header('Access-Control-Allow-Credentials', true);

	var origin = req.headers.origin;
	if (_.contains(config.allowed_origins, origin)) {
	res.setHeader('Access-Control-Allow-Origin', origin);
	}

	if (req.method === 'OPTIONS') {
	res.send(200);
	} else {
	next();
	}
	}

	app.use(allowCrossDomain);