From 77de17c81021b1bbf99bab8d4e066aca72bb8593 Mon Sep 17 00:00:00 2001
From: Michael C <michael@mchang.name>
Date: Thu, 6 Jan 2022 21:31:34 -0500
Subject: [PATCH] add allow-headers content-type

---
 nginx/cors.conf        | 1 +
 src/middleware/cors.ts | 1 +
 2 files changed, 2 insertions(+)

diff --git a/nginx/cors.conf b/nginx/cors.conf
index 1182113..03c163d 100644
--- a/nginx/cors.conf
+++ b/nginx/cors.conf
@@ -1,6 +1,7 @@
 if ($request_method = 'OPTIONS') {
   add_header 'Access-Control-Allow-Origin' '*';
   add_header 'Access-Control-Allow-Methods' 'GET, POST, DELETE';
+  add_header 'Access-Control-Allow-Headers', 'Content-Type'
   # cache CORS for 24 hours
   add_header 'Access-Control-Max-Age' 86400;
   # return empty response for preflight
diff --git a/src/middleware/cors.ts b/src/middleware/cors.ts
index 1cda853..e3b71ab 100644
--- a/src/middleware/cors.ts
+++ b/src/middleware/cors.ts
@@ -3,5 +3,6 @@ import { NextFunction, Request, Response } from "express";
 export function corsMiddleware(req: Request, res: Response, next: NextFunction): void {
     res.header("Access-Control-Allow-Origin", "*");
     res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS, DELETE");
+    res.header("Access-Control-Allow-Headers", "Content-Type");
     next();
 }