From 7c36851a056f527a67c29fe48d062e2e0d79a2f0 Mon Sep 17 00:00:00 2001
From: Nick Graziano <nick@terraformation.com>
Date: Wed, 30 Aug 2023 12:58:31 -0600
Subject: [PATCH] Add support for access-control-allow-credentials CORS header
 when CORS_ALLOWED_ORIGINS is not a wildcard

---
 startup.sh | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/startup.sh b/startup.sh
index 7877831..9e054ae 100755
--- a/startup.sh
+++ b/startup.sh
@@ -54,6 +54,14 @@ fi
 if [ "${CORS_ENABLED}" = "true" ]; then
   if ! grep -q DockerGeoServerCorsFilter "$CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml"; then
     echo "Enable CORS for $CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml"
+
+    # Add support for access-control-allow-credentials when the origin is not a wildcard
+    if [ "${CORS_ALLOWED_ORIGINS}" != "*" ]; then
+      CORS_ALLOW_CREDENTIALS="true"
+    else
+      CORS_ALLOW_CREDENTIALS="false"
+    fi
+
     sed -i "\:</web-app>:i\\
     <filter>\n\
       <filter-name>DockerGeoServerCorsFilter</filter-name>\n\
@@ -70,6 +78,10 @@ if [ "${CORS_ENABLED}" = "true" ]; then
         <param-name>cors.allowed.headers</param-name>\n\
         <param-value>${CORS_ALLOWED_HEADERS}</param-value>\n\
       </init-param>\n\
+      <init-param>\n\
+        <param-name>cors.support.credentials</param-name>\n\
+        <param-value>${CORS_ALLOW_CREDENTIALS}</param-value>\n\
+      </init-param>\n\
     </filter>\n\
     <filter-mapping>\n\
       <filter-name>DockerGeoServerCorsFilter</filter-name>\n\