From ea6951122efa9719dc41ff69910f2bb9e14ac2af Mon Sep 17 00:00:00 2001 From: Martijn Walraven Date: Wed, 16 Mar 2016 13:59:31 +0100 Subject: [PATCH] Prevent autoupdate from Cordova apps built with Meteor < 1.3 Not setting the Access-Control-Allow-Origin header avoids Cordova apps built with Meteor < 1.3 from downloading manifest.json and thus blocks autoupdate. --- packages/webapp/webapp_server.js | 4 ---- 1 file changed, 4 deletions(-) diff --git a/packages/webapp/webapp_server.js b/packages/webapp/webapp_server.js index e4db550655..fe807c04cb 100644 --- a/packages/webapp/webapp_server.js +++ b/packages/webapp/webapp_server.js @@ -403,10 +403,6 @@ WebAppInternals.staticFilesMiddleware = function (staticFiles, req, res, next) { res.setHeader("Content-Type", "text/css; charset=UTF-8"); } else if (info.type === "json") { res.setHeader("Content-Type", "application/json; charset=UTF-8"); - // XXX if it is a manifest we are serving, set additional headers - if (/\/manifest\.json$/.test(pathname)) { - res.setHeader("Access-Control-Allow-Origin", "*"); - } } if (info.hash) {