From 41e17b63229a999852b7640927f927d88c6b3e5f Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Tue, 5 Dec 2017 18:06:12 +0000
Subject: [PATCH] Comment

---
 src/github.com/matrix-org/dendrite/common/httpapi.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/github.com/matrix-org/dendrite/common/httpapi.go b/src/github.com/matrix-org/dendrite/common/httpapi.go
index 5a6fcef0..b2ef8959 100644
--- a/src/github.com/matrix-org/dendrite/common/httpapi.go
+++ b/src/github.com/matrix-org/dendrite/common/httpapi.go
@@ -102,6 +102,10 @@ func WrapHandlerInCORS(h http.Handler) http.HandlerFunc {
 		w.Header().Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization")
 
 		if r.Method == "OPTIONS" && r.Header.Get("Access-Control-Request-Method") != "" {
+			// Its easiest just to always return a 200 OK for everything. Whether
+			// this is technically correct or not is a question, but in the end this
+			// is what a lot of other people do (including synapse) and the clients
+			// are perfectly happy with it.
 			w.WriteHeader(http.StatusOK)
 		} else {
 			h.ServeHTTP(w, r)