From 269a10fe1ce7249e019f3bbe82af11bc8d8a1879 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Wed, 13 Jul 2016 19:49:26 -0400
Subject: [PATCH] Move to query string jwt token and content-type "text/plain"
 for POST to avoid pre-flight CORS requests. Remove GET cache headers (will
 move to server response headers).

---
 src/Vault/wwwroot/app/config.js | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/Vault/wwwroot/app/config.js b/src/Vault/wwwroot/app/config.js
index 43abaa0a28..d235987baa 100644
--- a/src/Vault/wwwroot/app/config.js
+++ b/src/Vault/wwwroot/app/config.js
@@ -2,6 +2,7 @@ angular
     .module('bit')
 
     .config(function ($stateProvider, $urlRouterProvider, $httpProvider, jwtInterceptorProvider, $uibTooltipProvider, toastrConfig) {
+        jwtInterceptorProvider.urlParam = 'access_token';
         jwtInterceptorProvider.tokenGetter = /*@ngInject*/ function (config, appSettings, tokenService) {
             if (config.url.indexOf(appSettings.apiUri) === 0) {
                 return tokenService.getToken();
@@ -19,13 +20,11 @@ angular
             popupDelay: 600
         });
 
-        if (!$httpProvider.defaults.headers.get) {
-            $httpProvider.defaults.headers.get = {};
+        if ($httpProvider.defaults.headers.post) {
+            $httpProvider.defaults.headers.post = {};
         }
 
-        $httpProvider.defaults.headers.get['If-Modified-Since'] = 'Mon, 26 Jul 1997 05:00:00 GMT';
-        $httpProvider.defaults.headers.get['Cache-Control'] = 'no-cache';
-        $httpProvider.defaults.headers.get.Pragma = 'no-cache';
+        $httpProvider.defaults.headers.post['Content-Type'] = 'text/plain; charset=utf-8';
 
         $httpProvider.interceptors.push('apiInterceptor');
         $httpProvider.interceptors.push('jwtInterceptor');