From f50b629d59d30ac315a6b937029f403b37f129ce Mon Sep 17 00:00:00 2001
From: tolelom <98kimsungmin@naver.com>
Date: Thu, 19 Mar 2026 17:01:06 +0900
Subject: [PATCH] =?UTF-8?q?Fix:=20CORS=20AllowHeaders=EC=97=90=20X-Request?=
 =?UTF-8?q?ed-With=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

웹 클라이언트의 fetch 요청에서 X-Requested-With 헤더가
CORS preflight에서 차단되는 문제 수정.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 internal/server/server.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/server/server.go b/internal/server/server.go
index 84d3365..1821093 100644
--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -33,7 +33,7 @@ func New() *fiber.App {
 	app.Use(middleware.SecurityHeaders)
 	app.Use(cors.New(cors.Config{
 		AllowOrigins:     "https://a301.tolelom.xyz",
-		AllowHeaders:     "Origin, Content-Type, Authorization, Idempotency-Key, X-API-Key",
+		AllowHeaders:     "Origin, Content-Type, Authorization, Idempotency-Key, X-API-Key, X-Requested-With",
 		AllowMethods:     "GET, POST, PUT, PATCH, DELETE",
 		AllowCredentials: true,
 	}))