From 1b7bb8c5016cc965aa8e5afa2436bbcb1115548e Mon Sep 17 00:00:00 2001
From: Henri Dickson <90480431+alphatownsman@users.noreply.github.com>
Date: Mon, 24 Jul 2023 20:54:58 -0400
Subject: [PATCH] Add Idempotency-Key to allowed CORS header (#618)

It's used by other web clients, so should improve compatibility.
---
 takahe/settings.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/takahe/settings.py b/takahe/settings.py
index 9088d49..bd682cd 100644
--- a/takahe/settings.py
+++ b/takahe/settings.py
@@ -9,6 +9,7 @@ import dj_database_url
 import django_cache_url
 import httpx
 import sentry_sdk
+from corsheaders.defaults import default_headers
 from pydantic import AnyUrl, BaseSettings, EmailStr, Field, validator
 from sentry_sdk.integrations.django import DjangoIntegration
 
@@ -338,6 +339,7 @@ CORS_ORIGIN_WHITELIST = SETUP.CORS_HOSTS
 CORS_ALLOW_CREDENTIALS = True
 CORS_PREFLIGHT_MAX_AGE = 604800
 CORS_EXPOSE_HEADERS = ("link",)
+CORS_ALLOW_HEADERS = (*default_headers, "Idempotency-Key")
 
 JSONLD_MAX_SIZE = 1024 * 50  # 50 KB