From b6b7f2051b3054043913b6d7b1c9bb0c6d1f5995 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=89=8B=E7=93=9C=E4=B8=80=E5=8D=81=E9=9B=AA?=
 <nanaeonn@outlook.com>
Date: Thu, 5 Dec 2024 20:02:24 +0800
Subject: [PATCH] fix

---
 src/webui/src/middleware/cors.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/webui/src/middleware/cors.ts b/src/webui/src/middleware/cors.ts
index 3294d073..64a0d955 100644
--- a/src/webui/src/middleware/cors.ts
+++ b/src/webui/src/middleware/cors.ts
@@ -4,8 +4,8 @@ import type { RequestHandler } from 'express';
 export const cors: RequestHandler = (req, res, next) => {
     const origin = req.headers.origin || '*';
     res.header('Access-Control-Allow-Origin', origin);
-    res.header('Access-Control-Allow-Methods', '*');
-    res.header('Access-Control-Allow-Headers', '*');
+    res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
+    res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization');
     res.header('Access-Control-Allow-Credentials', 'true');
 
     if (req.method === 'OPTIONS') {