From 6de66c28cfd789e5dd40347e87de9f327599b4df Mon Sep 17 00:00:00 2001
From: Johan de Klerk <johan@shiplogic.com>
Date: Wed, 18 Jun 2025 14:12:18 +0200
Subject: [PATCH] Added x-df to allowed headers

---
 utils/utils.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/utils/utils.go b/utils/utils.go
index 733680d..76bcff8 100644
--- a/utils/utils.go
+++ b/utils/utils.go
@@ -33,7 +33,7 @@ func CorsHeaders() map[string]string {
 	return map[string]string{
 		"Access-Control-Allow-Origin": "*",
 		// do not wildcard: https://stackoverflow.com/questions/13146892/cors-access-control-allow-headers-wildcard-being-ignored
-		"Access-Control-Allow-Headers":     "authorization, content-type, referer, sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-platform, user-agent, x-amz-date, x-amz-security-token",
+		"Access-Control-Allow-Headers":     "authorization, content-type, referer, sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-platform, user-agent, x-amz-date, x-amz-security-token, x-df",
 		"Access-Control-Allow-Methods":     "OPTIONS,GET,PUT,POST,DELETE,PATCH,HEAD",
 		"Access-Control-Max-Age":           "86400",
 		"Access-Control-Allow-Credentials": "true",
-- 
GitLab