From 64a715a663b4d32986af7f77a4dae4b84eb24439 Mon Sep 17 00:00:00 2001
From: Alessandro Ros <aler9.dev@gmail.com>
Date: Tue, 4 Jul 2023 22:18:41 +0200
Subject: [PATCH] hls, webrtc: add Authorization to
 Access-Control-Allow-Headers (#2018) (#2020)

---
 README.md                           | 2 +-
 internal/core/hls_http_server.go    | 2 +-
 internal/core/webrtc_http_server.go | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 437533b6..bed214c9 100644
--- a/README.md
+++ b/README.md
@@ -462,7 +462,7 @@ If you want to run the standard (non-Docker) version of the server:
 
 The resulting stream will be available in path `/cam`.
 
-If you want to run the server inside Docker, you need to use the `latest-rpi` image (that already contains libcamera) and launch the container with some additional flags:
+If you want to run the server inside Docker, you need to use the `latest-rpi` image (that already contains required libraries) and launch the container with some additional flags:
 
 ```sh
 docker run --rm -it \
diff --git a/internal/core/hls_http_server.go b/internal/core/hls_http_server.go
index 8b75fe3c..9de185cc 100644
--- a/internal/core/hls_http_server.go
+++ b/internal/core/hls_http_server.go
@@ -91,7 +91,7 @@ func (s *hlsHTTPServer) onRequest(ctx *gin.Context) {
 	switch ctx.Request.Method {
 	case http.MethodOptions:
 		ctx.Writer.Header().Set("Access-Control-Allow-Methods", "OPTIONS, GET")
-		ctx.Writer.Header().Set("Access-Control-Allow-Headers", "Range")
+		ctx.Writer.Header().Set("Access-Control-Allow-Headers", "Authorization, Range")
 		ctx.Writer.WriteHeader(http.StatusOK)
 		return
 
diff --git a/internal/core/webrtc_http_server.go b/internal/core/webrtc_http_server.go
index 83c65cbd..f2d253e2 100644
--- a/internal/core/webrtc_http_server.go
+++ b/internal/core/webrtc_http_server.go
@@ -240,7 +240,7 @@ func (s *webRTCHTTPServer) onRequest(ctx *gin.Context) {
 		switch ctx.Request.Method {
 		case http.MethodOptions:
 			ctx.Writer.Header().Set("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PATCH")
-			ctx.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, If-Match")
+			ctx.Writer.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type, If-Match")
 			ctx.Writer.WriteHeader(http.StatusOK)
 			return
 
@@ -336,7 +336,7 @@ func (s *webRTCHTTPServer) onRequest(ctx *gin.Context) {
 		switch ctx.Request.Method {
 		case http.MethodOptions:
 			ctx.Writer.Header().Set("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PATCH")
-			ctx.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, If-Match")
+			ctx.Writer.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type, If-Match")
 			ctx.Writer.Header()["Link"] = iceServersToLinkHeader(s.parent.generateICEServers())
 			ctx.Writer.WriteHeader(http.StatusOK)