From 0d8e8c5ba7a8bbe574933f063e39e49ea463b758 Mon Sep 17 00:00:00 2001
From: Jonah Lawrence <jonah@freshidea.com>
Date: Mon, 25 Dec 2023 22:42:00 +0200
Subject: [PATCH] Set headers to allow access from any origin

---
 api/index.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/api/index.php b/api/index.php
index 0298ced..1713ce1 100644
--- a/api/index.php
+++ b/api/index.php
@@ -36,6 +36,11 @@ function displayImage($url, $userAgent, $redirect)
     // don't need to fetch the image if we're redirecting
     $contents = $redirect ? "" : curlGetContents($url, $userAgent);
 
+    // Set headers to allow access from any origin
+    header("Access-Control-Allow-Origin: *");
+    header("Access-Control-Allow-Methods: GET, OPTIONS");
+    header("Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With");
+
     // redirect if redirect is set or the image is larger than 4.5MB
     if ($redirect || strlen($contents) > 4500000) {
         header("Location: $url");