From b9489b5e9a32a2a3f54d48705e731a7bcf188d20 Mon Sep 17 00:00:00 2001
From: Elias Schneider <login@eliasschneider.com>
Date: Mon, 2 Jun 2025 15:55:29 +0200
Subject: [PATCH] fix: whitelist authorization header for CORS

---
 backend/internal/middleware/cors.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/backend/internal/middleware/cors.go b/backend/internal/middleware/cors.go
index 6b2a936c..d6ae14ef 100644
--- a/backend/internal/middleware/cors.go
+++ b/backend/internal/middleware/cors.go
@@ -26,6 +26,7 @@ func (m *CorsMiddleware) Add() gin.HandlerFunc {
 		}
 
 		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
+		c.Writer.Header().Set("Access-Control-Allow-Headers", "Authorization")
 		c.Writer.Header().Set("Access-Control-Allow-Methods", "GET, POST")
 
 		// Preflight request