From e9bb688911994b8cc408fdff5111eeb927f0abfa Mon Sep 17 00:00:00 2001
From: Will Daly <will@edx.org>
Date: Tue, 24 Feb 2015 11:19:48 -0500
Subject: [PATCH] Expose CORS_ORIGIN_ALLOW_ALL setting

---
 lms/envs/aws.py    | 1 +
 lms/envs/common.py | 1 +
 2 files changed, 2 insertions(+)

diff --git a/lms/envs/aws.py b/lms/envs/aws.py
index 47ecffba6d..37326c847e 100644
--- a/lms/envs/aws.py
+++ b/lms/envs/aws.py
@@ -313,6 +313,7 @@ if FEATURES.get('ENABLE_CORS_HEADERS'):
     ) + MIDDLEWARE_CLASSES
     CORS_ALLOW_CREDENTIALS = True
     CORS_ORIGIN_WHITELIST = ENV_TOKENS.get('CORS_ORIGIN_WHITELIST', ())
+    CORS_ORIGIN_ALLOW_ALL = ENV_TOKENS.get('CORS_ORIGIN_ALLOW_ALL', False)
 
 ############################## SECURE AUTH ITEMS ###############
 # Secret things: passwords, access keys, etc.
diff --git a/lms/envs/common.py b/lms/envs/common.py
index d0365412f7..d35f902666 100644
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -1700,6 +1700,7 @@ if FEATURES.get('ENABLE_CORS_HEADERS'):
     ) + MIDDLEWARE_CLASSES
     CORS_ALLOW_CREDENTIALS = True
     CORS_ORIGIN_WHITELIST = ()
+    CORS_ORIGIN_ALLOW_ALL = False
 
 ###################### Registration ##################################