Ugg, modules and CORS??

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@3863 ed5197a5-7fde-0310-b194-c3ffbd925b24

core/core.js

@@ -475,7 +475,10 @@ async function blobHandler(request, response, blobId, uri) {
 				var id = await db.get('path:' + match[2]);
 				if (id) {
 					if (request.headers['if-none-match'] && request.headers['if-none-match'] == '"' + id + '"') {
-						response.writeHead(304, {});
+						headers = {
+							'Access-Control-Allow-Origin': '*',
+						};
+						response.writeHead(304, headers);
 						response.end();
 					} else {
 						data = utf8Decode(await getBlobOrContent(id));
@@ -483,7 +486,10 @@ async function blobHandler(request, response, blobId, uri) {
 						data = appObject.files[uri.substring(1)];
 						data = await getBlobOrContent(data);
 						type = guessType(uri);
-						headers = {'ETag': '"' + id + '"'};
+						headers = {
+							'ETag': '"' + id + '"',
+							'Access-Control-Allow-Origin': '*',
+						};
 						sendData(response, data, type, headers);
 					}
 				} else {
@@ -494,6 +500,9 @@ async function blobHandler(request, response, blobId, uri) {
 				var appObject = JSON.parse(data);
 				data = appObject.files[uri.substring(1)];
 				data = await getBlobOrContent(data);
+				headers = {
+					'Access-Control-Allow-Origin': '*',
+				};
 				sendData(response, data, type, headers);
 			}
 		}