From f0e8194a7129b6885ad74a694157e10e29f20807 Mon Sep 17 00:00:00 2001
From: Niklas Poslovski <ni.pos@yandex.com>
Date: Tue, 22 May 2018 16:26:01 +0200
Subject: [PATCH] Repair some access-control headers required for third-party
 webclients

---
 installation/pleroma.nginx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx
index b8abdce22..b6ca30cc9 100644
--- a/installation/pleroma.nginx
+++ b/installation/pleroma.nginx
@@ -52,8 +52,8 @@ server {
         # if you do not want remote frontends to be able to access your Pleroma backend
         # server, remove these lines.
         add_header 'Access-Control-Allow-Origin' '*' always;
-        add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;
-        add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type' always;
+        add_header 'Access-Control-Allow-Methods' 'POST, PUT, DELETE, GET, PATCH, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Idempotency-Key' always;
         add_header 'Access-Control-Expose-Headers' 'Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id' always;
         if ($request_method = OPTIONS) {
             return 204;