diff --git a/src/app/party.coffee b/src/app/party.coffee index 8baeacf869..a22565c099 100644 --- a/src/app/party.coffee +++ b/src/app/party.coffee @@ -33,7 +33,10 @@ module.exports.partySubscribe = partySubscribe = (page, model, params, next, cb) selfQ = model.query('users').withId (model.get('_userId') or model.session.userId) # see http://goo.gl/TPYIt selfQ.fetch (err, user) -> return next(err) if err - return next("User not found - this shouldn't be happening!") unless user.get() + unless user.get() + #return next("User not found - this shouldn't be happening!") + console.error "User not found - this shouldn't be happening!" + return page.redirect('/logout') #delete model.session.userId finished = (descriptors, paths) -> model.subscribe.apply model, descriptors.concat -> diff --git a/src/server/middleware.coffee b/src/server/middleware.coffee index 3a3304ae00..8e9cb29cb8 100644 --- a/src/server/middleware.coffee +++ b/src/server/middleware.coffee @@ -16,7 +16,7 @@ module.exports.view = (req, res, next) -> module.exports.allowCrossDomain = (req, res, next) -> res.header "Access-Control-Allow-Origin", (req.headers.origin || "*") res.header "Access-Control-Allow-Methods", "OPTIONS,GET,POST,PUT,HEAD,DELETE" - res.header "Access-Control-Allow-Headers", "Content-Type,X-Requested-With,x-api-user,x-api-key" + res.header "Access-Control-Allow-Headers", "Content-Type,Accept,Content-Encoding,X-Requested-With,x-api-user,x-api-key" # wtf is this for? if req.method is 'OPTIONS'