From 59baf03e22c99a2c6dc899bee382f0f25b9006e7 Mon Sep 17 00:00:00 2001
From: William Brawner <me@wbrawner.com>
Date: Tue, 18 Feb 2020 20:44:24 -0700
Subject: [PATCH] Add OPTIONS to list of allowed CORS methods

---
 .../com/wbrawner/budgetserver/config/SecurityConfig.kt   | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/main/kotlin/com/wbrawner/budgetserver/config/SecurityConfig.kt b/src/main/kotlin/com/wbrawner/budgetserver/config/SecurityConfig.kt
index 7280982..aa1467e 100644
--- a/src/main/kotlin/com/wbrawner/budgetserver/config/SecurityConfig.kt
+++ b/src/main/kotlin/com/wbrawner/budgetserver/config/SecurityConfig.kt
@@ -70,8 +70,13 @@ open class SecurityConfig(
                     with(CorsConfiguration()) {
                         applyPermitDefaultValues()
                         allowedOrigins = environment["twigs.cors.domains"]?.split(",") ?: listOf("*")
-                        allowedMethods = listOf(HttpMethod.GET, HttpMethod.POST, HttpMethod.PUT, HttpMethod.DELETE)
-                                .map { it.name }
+                        allowedMethods = listOf(
+                                HttpMethod.GET,
+                                HttpMethod.POST,
+                                HttpMethod.PUT,
+                                HttpMethod.DELETE,
+                                HttpMethod.OPTIONS
+                        ).map { it.name }
                         allowCredentials = true
                         this
                     }