From 94731ddf045b1ed184eb4b4659658ac311934391 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Laura=20Kl=C3=BCnder?= <laura@codingcatgirl.de>
Date: Sun, 24 Dec 2017 05:35:17 +0100
Subject: [PATCH] add Access-Control-Allow-Credentials for the /updates/fetch/
 API endpoint

---
 src/c3nav/mapdata/api.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/c3nav/mapdata/api.py b/src/c3nav/mapdata/api.py
index 76b6d1fa..33f62bfe 100644
--- a/src/c3nav/mapdata/api.py
+++ b/src/c3nav/mapdata/api.py
@@ -442,6 +442,7 @@ class UpdatesViewSet(GenericViewSet):
         response = Response(result)
         if cross_origin:
             response['Access-Control-Allow-Origin'] = '*'
+            response['Access-Control-Allow-Credentials'] = 'true'
         set_tile_access_cookie(request, response)
 
         return response