Skip to content

Added more header to allow proper cors

DojoCoder requested to merge pajasevi/samourai-dojo:fix-cors into develop

This merge request adds more CORS headers (Access-Controll-Allow-*) to allow calling Dojo API from browser and browser-like environments (like Electron).

Allowing these headers does not pose any security issues because the API does not hold and state in session and session cookies and is available only through Tor network and accessible with auth using the API key.

These changes are necessary for a RoninDojo project in works to use Dojo APIs like PushTX and other.

Merge request reports