HTTPUpdateServer Allow external POSTS (CORS) (esp8266#6824)

* HTTPUpdateServer Allow external POSTS (CORS)

* Format Updates - POST HTTPUpdateServer

Co-authored-by: Joseph Francis <[email protected]>

Author: 2 people

Diff for: libraries/ESP8266HTTPUpdateServer/src/ESP8266HTTPUpdateServer-impl.h

@@ -59,8 +59,24 @@ void ESP8266HTTPUpdateServerTemplate<ServerType>::setup(ESP8266WebServerTemplate
       _server->send_P(200, PSTR("text/html"), serverIndex);
     });
 
+    // handler for the /update form page - preflight options
+    _server->on(path.c_str(), HTTP_OPTIONS, [&](){
+	    _server->sendHeader("Access-Control-Allow-Headers", "*");
+	    _server->sendHeader("Access-Control-Allow-Origin", "*");
+	    _server->send(200, F("text/html"), String(F("y")));
+    },[&](){
+		_authenticated = (_username == emptyString || _password == emptyString || _server->authenticate(_username.c_str(), _password.c_str()));
+      if(!_authenticated){
+        if (_serial_output)
+          Serial.printf("Unauthenticated Update\n");
+        return;
+      }
+    });
+	
     // handler for the /update form POST (once file upload finishes)
     _server->on(path.c_str(), HTTP_POST, [&](){
+	    _server->sendHeader("Access-Control-Allow-Headers", "*");
+	    _server->sendHeader("Access-Control-Allow-Origin", "*");
       if(!_authenticated)
         return _server->requestAuthentication();
       if (Update.hasError()) {