From 337822fde3a61fdf9c81156e034364a91e146100 Mon Sep 17 00:00:00 2001
From: Victor Vrantchan <vrancean+github@gmail.com>
Date: Tue, 11 Oct 2016 17:10:20 -0400
Subject: [PATCH] remove unused cors headers (#296)

no need for CORS middleware since we're using the same origin for the frontend.
---
 cli/serve.go | 17 +----------------
 1 file changed, 1 insertion(+), 16 deletions(-)

diff --git a/cli/serve.go b/cli/serve.go
index c202263400..c41f739374 100644
--- a/cli/serve.go
+++ b/cli/serve.go
@@ -147,7 +147,7 @@ the way that the kolide server works.
 			httpLogger := kitlog.NewContext(logger).With("component", "http")
 
 			apiHandler := service.MakeHandler(ctx, svc, config.Auth.JwtKey, httpLogger)
-			http.Handle("/api/", accessControl(apiHandler))
+			http.Handle("/api/", apiHandler)
 			http.Handle("/version", version.Handler())
 			http.Handle("/metrics", prometheus.Handler())
 			http.Handle("/assets/", service.ServeStaticAssets("/assets/"))
@@ -199,18 +199,3 @@ func (devMailService) SendEmail(e kolide.Email) error {
 	return err
 
 }
-
-// cors headers
-func accessControl(h http.Handler) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Access-Control-Allow-Origin", "*")
-		w.Header().Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
-		w.Header().Set("Access-Control-Allow-Headers", "Origin, Content-Type")
-
-		if r.Method == "OPTIONS" {
-			return
-		}
-
-		h.ServeHTTP(w, r)
-	})
-}