# HG changeset patch
# User dwinter
# Date 1348581455 -7200
# Node ID 1cb439acd1e1eb64bb39263955567344db446a96
# Parent  b3428e281ee239de99ad5b9ea82b6cd85b77b042
cross scripting

diff -r b3428e281ee2 -r 1cb439acd1e1 MetaData.py
--- a/MetaData.py	Mon Sep 17 10:14:01 2012 +0200
+++ b/MetaData.py	Tue Sep 25 15:57:35 2012 +0200
@@ -205,6 +205,20 @@
         for key,value in self.getDCMappedData(data).items():
             ret+="""<dc:%s>%s</dc:%s>"""%(key,xml.sax.saxutils.escape(value),key)
         ret+="</bib>"
+
+
+        REQUEST=self.REQUEST
+
+        if REQUEST is not None:
+            origin = REQUEST.getHeader('Origin')
+            if origin:
+                REQUEST.response.setHeader('Access-Control-Allow-Origin', origin)
+                REQUEST.response.setHeader('Access-Control-Allow-Credentials', 'true')
+            else:
+                REQUEST.response.setHeader('Access-Control-Allow-Origin', '*')
+
+            REQUEST.response.setHeader('Access-Control-Allow-Methods', 'GET, PUT, POST, DELETE, OPTIONS, HEAD')
+            REQUEST.response.setHeader('Access-Control-Allow-Headers', 'Origin, Content-Type, Cache-Control, X-Requested-With')
         
         return ret