From 36493ff07207a28ccb032ab0e07a69ed61ed7f8d Mon Sep 17 00:00:00 2001
From: Joshua Ramon Enslin <joshua@museum-digital.de>
Date: Wed, 17 Feb 2021 18:03:04 +0100
Subject: [PATCH] Add CORS headers for JSON output of index / overview

---
 public/index.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/public/index.php b/public/index.php
index 82c80e7..bcd674b 100644
--- a/public/index.php
+++ b/public/index.php
@@ -35,6 +35,12 @@ $fieldsGetter = new CsvxmlAvailableFields($lang);
 $availableFields = $fieldsGetter->getFields();
 
 if ($outFormat === 'json') {
+    header('Cache-Control: no-cache, no-store, must-revalidate, max-age=0'); // HTTP/1.1
+    header('Pragma: no-cache'); // HTTP/1.0
+    header("Access-Control-Allow-Origin: *");
+    header("Access-Control-Allow-Methods: GET");
+    header("Access-Control-Allow-Headers: X-PINGOTHER, Content-Type, Accept-Encoding, cache-control");
+    header("Access-Control-Max-Age: 86400");
     header('content-type: application/json');
     echo json_encode($availableFields);
     return;