always add Access-Control-Allow-Headers

lsd/server.py

@@ -116,6 +116,7 @@ class Server(Resource):
 
     def getChild(self, name, request):
         request.headers['Server'] = '%s/%s' % (__appname__, __version__)
+        site = self.get_site(request)
         if name in ('icon.png', 'favicon.ico'):
             f = File(self.static_path('icon.png'))
             f.isLeaf = True
@@ -124,7 +125,6 @@ class Server(Resource):
             return self
         if request.path.startswith('/get/'):
             sha1 = request.path.split('/')[-1].lower()
-            site = self.get_site(request)
             if site:
                 site = self.backend.site(site, False)
             if site:
@@ -146,7 +146,6 @@ class Server(Resource):
 
     def render_OPTIONS(self, request):
         # allow all requested headers to sites
-        site = self.get_site(request)
         headers = request.getAllHeaders()
         if 'access-control-request-headers' in headers:
             request.headers['Access-Control-Allow-Headers'] = headers['access-control-request-headers']