Re: [openstreetmap/openstreetmap-website] Image download w/ submit_tag (PR #6192)

Wed, 16 Jul 2025 11:21:26 -0700 

mmd-osm left a comment (openstreetmap/openstreetmap-website#6192)

I'm using the code below, which includes `Access-Control-Request-Headers: 
x-csrf-token,x-turbo-request-id` in the request.

The preflight fails, because we're not allowing these headers:

Reason: header ‘x-csrf-token’ is not allowed according to header 
‘Access-Control-Allow-Headers’ from CORS preflight response




```
diff --git a/app/views/share_panes/show.html.erb 
b/app/views/share_panes/show.html.erb
index 23f46dc4d..f4ae5ac95 100644
--- a/app/views/share_panes/show.html.erb
+++ b/app/views/share_panes/show.html.erb
@@ -40,7 +40,7 @@
       <% end %>
     </ul>
   </div>
-  <form id="export-image" action="/export/finish" method="post">
+  <form id="export-image" action="/export/finish" method="post" 
data-turbo="true">
     <div class="row mb-3">
       <label for="mapnik_format" class="col-auto col-form-label"><%= t 
".format" %></label>
       <div class="col-auto">
```

-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/6192#issuecomment-3079760090
You are receiving this because you are subscribed to this thread.

Message ID: 
<openstreetmap/openstreetmap-website/pull/6192/c3079760...@github.com>
_______________________________________________
rails-dev mailing list
rails-dev@openstreetmap.org
https://lists.openstreetmap.org/listinfo/rails-dev

Reply via email to