From 9464b03869a7ea0e1aa48e7dd1f8d577d669a425 Mon Sep 17 00:00:00 2001
From: Ivan Matmati <imatmati@haproxy.com>
Date: Fri, 15 Apr 2022 15:39:24 +0200
Subject: [PATCH] BUG: reenable cors-allow-credentials annotation

---
 controller/annotations/annotations.go        |  1 +
 controller/annotations/ingress/resSetCORS.go | 10 ++++++++++
 2 files changed, 11 insertions(+)

diff --git a/controller/annotations/annotations.go b/controller/annotations/annotations.go
index 4dc6becc..ce0485a8 100644
--- a/controller/annotations/annotations.go
+++ b/controller/annotations/annotations.go
@@ -96,6 +96,7 @@ func Frontend(i *store.Ingress, r *rules.Rules, m maps.MapFiles) []Annotation {
 		resSetCORS.NewAnnotation("cors-allow-methods"),
 		resSetCORS.NewAnnotation("cors-allow-headers"),
 		resSetCORS.NewAnnotation("cors-max-age"),
+		resSetCORS.NewAnnotation("cors-allow-credentials"),
 	}
 }
 
diff --git a/controller/annotations/ingress/resSetCORS.go b/controller/annotations/ingress/resSetCORS.go
index 40ad865f..12d0d73b 100644
--- a/controller/annotations/ingress/resSetCORS.go
+++ b/controller/annotations/ingress/resSetCORS.go
@@ -130,6 +130,16 @@ func (a ResSetCORSAnn) Process(k store.K8s, annotations ...map[string]string) (e
 			Response:  true,
 			CondTest:  a.parent.acl,
 		})
+	case "cors-allow-credentials":
+		if a.parent.acl == "" {
+			return
+		}
+		a.parent.rules.Add(&rules.SetHdr{
+			HdrName:   "Access-Control-Allow-Credentials",
+			HdrFormat: "\"true\"",
+			Response:  true,
+			CondTest:  a.parent.acl,
+		})
 	default:
 		err = fmt.Errorf("unknown cors annotation '%s'", a.name)
 	}