michaelcox · February 17, 2012 16:23
diff --git a/AllowCrossSiteJson.cs b/AllowCrossSiteJson.cs
 public class AllowCrossSiteJson : ActionFilterAttribute
 {
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache);
        HttpContext.Current.Response.Cache.SetNoStore();

        var headers = Enumerable.ToList(HttpContext.Current.Request.Headers.AllKeys);
        headers.Add("X-HTTP-Method-Override");

        filterContext.RequestContext.HttpContext.Response.AppendHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
        filterContext.RequestContext.HttpContext.Response.AppendHeader("Access-Control-Allow-Headers", string.Join(", ", headers));

        filterContext.RequestContext.HttpContext.Response.AppendHeader("Access-Control-Allow-Origin", "*");

        base.OnActionExecuting(filterContext);
    }
 }
	public class AllowCrossSiteJson : ActionFilterAttribute
	{
	public override void OnActionExecuting(ActionExecutingContext filterContext)
	{
	HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache);
	HttpContext.Current.Response.Cache.SetNoStore();

	var headers = Enumerable.ToList(HttpContext.Current.Request.Headers.AllKeys);
	headers.Add("X-HTTP-Method-Override");

	filterContext.RequestContext.HttpContext.Response.AppendHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
	filterContext.RequestContext.HttpContext.Response.AppendHeader("Access-Control-Allow-Headers", string.Join(", ", headers));

	filterContext.RequestContext.HttpContext.Response.AppendHeader("Access-Control-Allow-Origin", "*");

	base.OnActionExecuting(filterContext);
	}
	}