From 47ae29d6f63ff1d26c09efa4c6172c2e81b4d535 Mon Sep 17 00:00:00 2001
From: Ivan Uemlianin <ivan@llaisdy.com>
Date: Tue, 12 Apr 2016 16:59:24 +0100
Subject: [PATCH] Added extra check_allowed_headers kludge for Accept request
 header (Chrome).

---
 src/cowboy_cors.erl | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/cowboy_cors.erl b/src/cowboy_cors.erl
index d33823d..680a5e2 100644
--- a/src/cowboy_cors.erl
+++ b/src/cowboy_cors.erl
@@ -125,6 +125,9 @@ check_allowed_headers([<<"origin">>|Tail], Allowed, Req, State) ->
     %% header underpins the entire CORS framework, its inclusion in
     %% the requested headers is nonsensical.
     check_allowed_headers(Tail, Allowed, Req, State);
+check_allowed_headers([<<"accept">>|Tail], Allowed, Req, State) ->
+    %% KLUDGE: for browsers that include this header.
+    check_allowed_headers(Tail, Allowed, Req, State);
 check_allowed_headers([Header|Tail], Allowed, Req, State) ->
     case lists:member(Header, Allowed) of
         false ->