From a1d244567a165c9b18b899fd65e92707983000c1 Mon Sep 17 00:00:00 2001
From: Cory McWilliams <cory@unprompted.com>
Date: Sun, 20 Mar 2022 01:17:20 +0000
Subject: [PATCH] Ugg, modules and CORS??

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@3863 ed5197a5-7fde-0310-b194-c3ffbd925b24
---
 core/core.js | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/core/core.js b/core/core.js
index 9c5a80aa..a55a92aa 100644
--- a/core/core.js
+++ b/core/core.js
@@ -475,7 +475,10 @@ async function blobHandler(request, response, blobId, uri) {
 				var id = await db.get('path:' + match[2]);
 				if (id) {
 					if (request.headers['if-none-match'] && request.headers['if-none-match'] == '"' + id + '"') {
-						response.writeHead(304, {});
+						headers = {
+							'Access-Control-Allow-Origin': '*',
+						};
+						response.writeHead(304, headers);
 						response.end();
 					} else {
 						data = utf8Decode(await getBlobOrContent(id));
@@ -483,7 +486,10 @@ async function blobHandler(request, response, blobId, uri) {
 						data = appObject.files[uri.substring(1)];
 						data = await getBlobOrContent(data);
 						type = guessType(uri);
-						headers = {'ETag': '"' + id + '"'};
+						headers = {
+							'ETag': '"' + id + '"',
+							'Access-Control-Allow-Origin': '*',
+						};
 						sendData(response, data, type, headers);
 					}
 				} else {
@@ -494,6 +500,9 @@ async function blobHandler(request, response, blobId, uri) {
 				var appObject = JSON.parse(data);
 				data = appObject.files[uri.substring(1)];
 				data = await getBlobOrContent(data);
+				headers = {
+					'Access-Control-Allow-Origin': '*',
+				};
 				sendData(response, data, type, headers);
 			}
 		}