| 1 | /** CORS headers for cross-origin requests from the Pages UI. */ |
| 2 | |
| 3 | export function corsHeaders(): Record<string, string> { |
| 4 | return { |
| 5 | 'Access-Control-Allow-Origin': '*', |
| 6 | 'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS', |
| 7 | 'Access-Control-Allow-Headers': 'Content-Type, Authorization', |
| 8 | 'Access-Control-Max-Age': '86400', |
| 9 | }; |
| 10 | } |
| 11 | |