Finish #3 Whitelist rate-limiting headers in CORS

jublo · Dec 26, 2013 · facc3c2 · facc3c2
2 parents db8ee37 + 51de31f
commit facc3c2
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,6 +1,9 @@
 codebird-cors-proxy - changelog
 ===============================
 
+1.2.3 (2013-12-26)
++ #3 Whitelist rate-limiting headers in CORS
+
 1.2.2 (2013-08-20)
 - Fix oauth method detection code
 

diff --git a/codebird-cors-proxy.php b/codebird-cors-proxy.php
@@ -88,7 +88,9 @@ function http_get_request_body()
 $cors_headers = array(
     'Access-Control-Allow-Origin: *',
     'Access-Control-Allow-Headers: Origin, X-Authorization',
-    'Access-Control-Allow-Methods: POST, GET, OPTIONS'
+    'Access-Control-Allow-Methods: POST, GET, OPTIONS',
+    'Access-Control-Expose-Headers: '
+        . 'X-Rate-Limit-Limit, X-Rate-Limit-Remaining, X-Rate-Limit-Reset'
 );
 
 foreach($cors_headers as $cors_header) {