explicit origin is required with new CORS (#802)

kunjee17 · LegNeato · web-flow · commit 4c40826eff5d · 2020-11-04T20:44:16.000-08:00
Co-authored-by: Christian Legnitto &lt;LegNeato@users.noreply.github.com&gt;
diff --git a/juniper_actix/examples/actix_server.rs b/juniper_actix/examples/actix_server.rs
@@ -3,7 +3,7 @@
 use std::env;
 
 use actix_cors::Cors;
-use actix_web::{middleware, web, App, Error, HttpResponse, HttpServer};
+use actix_web::{http::header, middleware, web, App, Error, HttpResponse, HttpServer};
 use juniper::{
     tests::fixtures::starwars::schema::{Database, Query},
     EmptyMutation, EmptySubscription, RootNode,
@@ -49,7 +49,10 @@ async fn main() -> std::io::Result<()> {
             .wrap(middleware::Logger::default())
             .wrap(
                 Cors::default()
+                    .allowed_origin("http://127.0.0.1:8080")
                     .allowed_methods(vec!["POST", "GET"])
+                    .allowed_headers(vec![header::AUTHORIZATION, header::ACCEPT])
+                    .allowed_header(header::CONTENT_TYPE)
                     .supports_credentials()
                     .max_age(3600),
             )
