id,node_id,number,state,locked,title,user,body,created_at,updated_at,closed_at,merged_at,merge_commit_sha,assignee,milestone,draft,head,base,author_association,repo,url,merged_by,auto_merge
730020867,MDExOlB1bGxSZXF1ZXN0NzMwMDIwODY3,1467,closed,0,Add Authorization header when CORS flag is set,3058200,"This PR adds the [`Access-Control-Allow-Headers`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) flag when CORS mode is enabled.

This would fix https://github.com/simonw/datasette-auth-tokens/issues/4. When making cross-origin requests, the server must respond with all allowable HTTP headers. A Datasette instance using auth tokens must accept the `Authorization` HTTP header in order for cross-origin authenticated requests to take place.

Please let me know if there's a better way of doing this! I couldn't figure out a way to change the app's response from the plugin itself, so I'm starting here. If you'd rather this logic live in the plugin, I'd love any guidance you're able to give.",2021-09-08T22:14:41Z,2021-10-17T02:29:07Z,2021-10-14T18:54:18Z,,15f258735ddee555028a075c09e1e8f74069be70,,,0,05109e8d61dedd477c4cedfb89b1da65610f70d1,d57ab156b35ec642549fb69d08279850065027d2,NONE,107914493,https://github.com/simonw/datasette/pull/1467,,