From 02715363139e7fd193e9ffae6bbffa9288948316 Mon Sep 17 00:00:00 2001
From: Ruben Verborgh <ruben@verborgh.org>
Date: Wed, 28 Jul 2021 15:35:05 +0200
Subject: [PATCH] fix: Expose WAC-Allow via CORS.

Closes https://github.com/solid/community-server/issues/873
---
 config/http/middleware/handlers/cors.json | 3 ++-
 test/integration/Middleware.test.ts       | 6 ++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/config/http/middleware/handlers/cors.json b/config/http/middleware/handlers/cors.json
index b5cc6cfa6..ab2fb894d 100644
--- a/config/http/middleware/handlers/cors.json
+++ b/config/http/middleware/handlers/cors.json
@@ -19,7 +19,8 @@
         "Accept-Patch",
         "Location",
         "MS-Author-Via",
-        "Updates-Via"
+        "Updates-Via",
+        "WAC-Allow"
       ]
     }
   ]
diff --git a/test/integration/Middleware.test.ts b/test/integration/Middleware.test.ts
index 9d7feb393..c536bd3c1 100644
--- a/test/integration/Middleware.test.ts
+++ b/test/integration/Middleware.test.ts
@@ -111,6 +111,12 @@ describe('An http server with middleware', (): void => {
     expect(exposed.split(/\s*,\s*/u)).toContain('MS-Author-Via');
   });
 
+  it('exposes the WAC-Allow header via CORS.', async(): Promise<void> => {
+    const res = await request(server).get('/').expect(200);
+    const exposed = res.header['access-control-expose-headers'];
+    expect(exposed.split(/\s*,\s*/u)).toContain('WAC-Allow');
+  });
+
   it('exposes the Updates-Via header via CORS.', async(): Promise<void> => {
     const res = await request(server).get('/').expect(200);
     const exposed = res.header['access-control-expose-headers'];