server : allow CORS request with authorization headers (#1850)

Whisper plugin in Obsidian requires an API key which is
then sent as an authorization header.
However, the presence of an authorization header requires
a CORS Preflight, so both the OPTIONS method and
the Access-Control-Allow-Headers: authorization must be
handled.

diff --git a/examples/server/server.cpp b/examples/server/server.cpp
index 69c04bf3a0a72b14db328bac045b679118894527..4cfc2946fa9d302ea98fe1edee4626a5d4b4cf0b 100644 (file)
--- a/examples/server/server.cpp
+++ b/examples/server/server.cpp
@@ -541,7 +541,7 @@ int main(int argc, char ** argv) {
     Server svr;
     svr.set_default_headers({{"Server", "whisper.cpp"},
                              {"Access-Control-Allow-Origin", "*"},
-                             {"Access-Control-Allow-Headers", "content-type"}});
+                             {"Access-Control-Allow-Headers", "content-type, authorization"}});
 
     std::string const default_content = R"(
     <html>
@@ -623,6 +623,9 @@ int main(int argc, char ** argv) {
         return false;
     });
 
+    svr.Options(sparams.request_path + "/inference", [&](const Request &req, Response &res){
+    });
+
     svr.Post(sparams.request_path + "/inference", [&](const Request &req, Response &res){
         // acquire whisper model mutex lock
         std::lock_guard<std::mutex> lock(whisper_mutex);