From dfd3788712208e40f18352a9eaf3cb3f0ecaecb6 Mon Sep 17 00:00:00 2001
From: Tristan Cavelier <tristan.cavelier@nexedi.com>
Date: Mon, 18 Sep 2017 08:31:08 +0000
Subject: [PATCH] erp5_web: add Vary Origin to hateoas

This fixes an issue :
When we work on two web apps in two different domains
but using the same erp5 as storage backend,
the allow origin response header was equal to one sole
domain for the two web apps.
---
 bt5/erp5_web/ToolTemplateItem/caching_policy_manager.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bt5/erp5_web/ToolTemplateItem/caching_policy_manager.xml b/bt5/erp5_web/ToolTemplateItem/caching_policy_manager.xml
index 9f60eb4de2..f8ce05ba68 100644
--- a/bt5/erp5_web/ToolTemplateItem/caching_policy_manager.xml
+++ b/bt5/erp5_web/ToolTemplateItem/caching_policy_manager.xml
@@ -263,7 +263,7 @@
                             </item>
                             <item>
                                 <key> <string>_vary</string> </key>
-                                <value> <string>Cookie, Authorization</string> </value>
+                                <value> <string>Cookie, Authorization, Origin</string> </value>
                             </item>
                           </dictionary>
                         </state>
-- 
2.30.9