I'm writing a client for my Yesod JSON server in angular.js. When examining the header traffic, it appears that Chrome is sending an OPTIONS method, which my handler rejects. Investigation suggests that I should send back something like this:
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://source.com
Access-Control-Allow-Headers: Content-Type, *
Looking at the scaffolding, I find that makeApplication begins a trail I want to follow:
makeApplication :: AppConfig DefaultEnv Extra -> IO Application
makeApplication conf = do
foundation <- makeFoundation conf
app <- toWaiAppPlain foundation
return $ logWare app
where
logWare = if development then logStdoutDev
else logStdout
Initially, I thought I needed to modify conf, but from what I can understand that manages the OS environment. Where is the most straight-forward place to globally alter response headers?
Probably the simplest thing is to add another middleware in addition to logWare.