From ca623adf86eda25b3c25ef780f07e92ccd3ffe35 Mon Sep 17 00:00:00 2001
From: Jurij <jurij@kompot.si>
Date: Sat, 6 Jan 2024 18:55:09 +0100
Subject: [PATCH] Version bump za etherpad, services fix za cors

---
 web/sites/default/default.services.yml | 7 ++++---
 web/sites/default/services.yml         | 6 ++++++
 web/sites/default/settings.php         | 2 --
 3 files changed, 10 insertions(+), 5 deletions(-)
 create mode 100644 web/sites/default/services.yml

diff --git a/web/sites/default/default.services.yml b/web/sites/default/default.services.yml
index aee3967..6be948a 100644
--- a/web/sites/default/default.services.yml
+++ b/web/sites/default/default.services.yml
@@ -208,18 +208,19 @@ parameters:
   cors.config:
     enabled: true
     # Specify allowed headers, like 'x-allowed-header'.
-    allowedHeaders: ['x-csrf-token','authorization','content-type','accept','origin','x-requested-with']
+    allowedHeaders: ['x-csrf-token','authorization','content-type','accept','origin','x-requested-with','access-control-allow-origin','x-allowed-header','*']
     # Specify allowed request methods, specify ['*'] to allow all possible ones.
     allowedMethods: ['*']
     # Configure requests allowed from specific origins. Do not include trailing
     # slashes with URLs.
-    allowedOrigins: ['*']
+    allowedOrigins: ['yufu.kompot.si']
     # Sets the Access-Control-Expose-Headers header.
     exposedHeaders: false
     # Sets the Access-Control-Max-Age header.
     maxAge: false
     # Sets the Access-Control-Allow-Credentials header.
-    supportsCredentials: false
+    supportsCredentials: true
+    allowCredentials: true
 
   queue.config:
     # The maximum number of seconds to wait if a queue is temporarily suspended.
diff --git a/web/sites/default/services.yml b/web/sites/default/services.yml
new file mode 100644
index 0000000..40ad8dd
--- /dev/null
+++ b/web/sites/default/services.yml
@@ -0,0 +1,6 @@
+parameters:
+  cors.config:
+    enabled: true
+    allowedHeaders: ['x-csrf-token','authorization','content-type','accept','origin','x-requested-with','access-control-allow-origin','x-allowed-header','*']
+    allowedOrigins: ['*']
+    allowCredentials: true
diff --git a/web/sites/default/settings.php b/web/sites/default/settings.php
index fd4dbec..71dd2a1 100755
--- a/web/sites/default/settings.php
+++ b/web/sites/default/settings.php
@@ -777,5 +777,3 @@ if (file_exists(__DIR__ . '/settings.ddev.php') && getenv('IS_DDEV_PROJECT') ==
 if (file_exists($app_root . '/' . $site_path . '/settings.local.php')) {
   include $app_root . '/' . $site_path . '/settings.local.php';
 }
-
-include $app_root."/sites/settings.local.php";
\ No newline at end of file