From 946448f049fd45534d7408ceec6115dff8ead9d6 Mon Sep 17 00:00:00 2001
From: Katalina Okano <git@kat.cafe>
Date: Sun, 20 Nov 2022 23:23:02 -0500
Subject: [PATCH] make CORS make sense

---
 services/api/src/cors.rs | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/services/api/src/cors.rs b/services/api/src/cors.rs
index e1623e8..527dbae 100644
--- a/services/api/src/cors.rs
+++ b/services/api/src/cors.rs
@@ -15,11 +15,8 @@ impl Fairing for CORS {
 
     async fn on_response<'r>(&self, _request: &'r Request<'_>, response: &mut Response<'r>) {
         response.set_header(Header::new("Access-Control-Allow-Origin", "*"));
-        response.set_header(Header::new(
-            "Access-Control-Allow-Methods",
-            "POST, GET, PATCH, OPTIONS",
-        ));
+        response.set_header(Header::new("Access-Control-Allow-Methods", "GET"));
         response.set_header(Header::new("Access-Control-Allow-Headers", "*"));
-        response.set_header(Header::new("Access-Control-Allow-Credentials", "true"));
+        response.set_header(Header::new("Access-Control-Allow-Credentials", "false"));
     }
 }