Revert "fix: Include Authorization and Accept in CORs allowed headers"

This reverts commit ee395a4.
maplibre · Nov 6, 2023 · 0871a2d · 0871a2d
1 parent 5c990b0
commit 0871a2d
Showing 1 changed file with 2 additions and 3 deletions.
diff --git a/martin/src/srv/server.rs b/martin/src/srv/server.rs
@@ -7,7 +7,7 @@ use actix_web::dev::Server;
 use actix_web::error::{ErrorBadRequest, ErrorInternalServerError, ErrorNotFound};
 use actix_web::http::header::{
     AcceptEncoding, ContentType, Encoding as HeaderEnc, HeaderValue, Preference, CACHE_CONTROL,
-    CONTENT_ENCODING, AUTHORIZATION, ACCEPT
+    CONTENT_ENCODING,
 };
 use actix_web::http::Uri;
 use actix_web::middleware::TrailingSlash;
@@ -481,8 +481,7 @@ pub fn new_server(config: SrvConfig, state: ServerState) -> crate::Result<(Serve
     let server = HttpServer::new(move || {
         let cors_middleware = Cors::default()
             .allow_any_origin()
-            .allowed_methods(vec!["GET"])
-            .allowed_headers(vec![AUTHORIZATION, ACCEPT]);
+            .allowed_methods(vec!["GET"]);
 
         App::new()
             .app_data(Data::new(state.tiles.clone()))