allow OPTIONS method in starlette CORS middleware

If not allowed, then the middleware will return a 400 on pre-flight CORS requests. Fixes #3129.
2026-03-11 21:34:06 +00:00 · 2023-08-01 11:12:36 +02:00
parent 252fe42612
commit d15f605129
1 changed files with 4 additions and 1 deletions
--- a/nominatim/server/starlette/server.py
+++ b/nominatim/server/starlette/server.py
@@ -114,7 +114,10 @@ def get_application(project_dir: Path,

    middleware = []
    if config.get_bool('CORS_NOACCESSCONTROL'):
-        middleware.append(Middleware(CORSMiddleware, allow_origins=['*']))
+        middleware.append(Middleware(CORSMiddleware,
+                                     allow_origins=['*'],
+                                     allow_methods=['GET', 'OPTIONS'],
+                                     max_age=86400))

    log_file = config.LOG_FILE
    if log_file: