1.0.0-dev

lib/angel_cors.dart

@@ -26,6 +26,15 @@ bool _isOriginAllowed(String origin, allowedOrigin) {
 RequestMiddleware cors([CorsOptions options]) {
   final opts = options ?? new CorsOptions();
 
+  /*
+  print(opts.credentials);
+  print(opts.allowedHeaders);
+  print(opts.methods);
+  print(opts.exposedHeaders);
+  print(opts.maxAge);
+  print(opts.origin);
+  */
+
   return (RequestContext req, ResponseContext res) async {
     // Access-Control-Allow-Credentials
     if (opts.credentials == true) {
@@ -35,6 +44,9 @@ RequestMiddleware cors([CorsOptions options]) {
     // Access-Control-Allow-Headers
     if (opts.allowedHeaders.isNotEmpty) {
       res.header('Access-Control-Allow-Headers', opts.allowedHeaders.join(','));
+    } else {
+      res.header('Access-Control-Allow-Headers',
+          req.headers.value('Access-Control-Allow-Headers'));
     }
 
     // Access-Control-Expose-Headers

lib/src/cors_options.dart

@@ -55,7 +55,7 @@ class CorsOptions {
         'PUT',
         'PATCH',
         'POST',
-        'DELETE˝'
+        'DELETE'
       ],
       this.origin: '*',
       this.preflightContinue: false,

test/basic_test.dart

@@ -14,9 +14,11 @@ main() {
     app = new Angel()
       ..before.add(cors())
       ..post('/', (req, res) async {
-        return res
-          ..write('hello world')
-          ..end();
+        res.write('hello world');
+        return false;
+      })
+      ..all('*', () {
+        throw new AngelHttpException.NotFound();
       });
 
     server = await app.startServer();
@@ -34,6 +36,8 @@ main() {
   test('POST works', () async {
     final response = await client.post(url);
     expect(response.statusCode, equals(200));
+    print('Response: ${response.body}');
+    print('Headers: ${response.headers}');
     expect(response.headers['access-control-allow-origin'], equals('*'));
   });
 }