From d544a0e0e03c9b69b226fb5bba2ce27a7af270ca Mon Sep 17 00:00:00 2001
From: Quentin Dufour <quentin@deuxfleurs.fr>
Date: Mon, 13 Jun 2022 10:13:31 +0200
Subject: [PATCH] Send CORS headers for all requests

---
 src/api/s3/api_server.rs | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/src/api/s3/api_server.rs b/src/api/s3/api_server.rs
index ecc417ab..d1d6288c 100644
--- a/src/api/s3/api_server.rs
+++ b/src/api/s3/api_server.rs
@@ -4,7 +4,7 @@ use async_trait::async_trait;
 
 use futures::future::Future;
 use hyper::header;
-use hyper::{Body, Method, Request, Response};
+use hyper::{Body, Request, Response};
 
 use opentelemetry::{trace::SpanRef, KeyValue};
 
@@ -167,14 +167,7 @@ impl ApiHandler for S3ApiServer {
 			return Err(Error::forbidden("Operation is not allowed for this key."));
 		}
 
-		// Look up what CORS rule might apply to response.
-		// Requests for methods different than GET, HEAD or POST
-		// are always preflighted, i.e. the browser should make
-		// an OPTIONS call before to check it is allowed
-		let matching_cors_rule = match *req.method() {
-			Method::GET | Method::HEAD | Method::POST => find_matching_cors_rule(&bucket, &req)?,
-			_ => None,
-		};
+		let matching_cors_rule = find_matching_cors_rule(&bucket, &req)?;
 
 		let resp = match endpoint {
 			Endpoint::HeadObject {