[rubygems/rubygems] Add access control headers for all requests to allow RubyGems.org to render the response

https://github.com/rubygems/rubygems/commit/22b329eb60

lib/rubygems/webauthn_listener/response.rb

@@ -44,7 +44,6 @@ class Gem::WebauthnListener
     end
 
     def access_control_headers
-      return "" unless add_access_control_headers?
       <<~RESPONSE
         Access-Control-Allow-Origin: #{host}
         Access-Control-Allow-Methods: POST
@@ -66,10 +65,6 @@ class Gem::WebauthnListener
       raise NotImplementedError
     end
 
-    def add_access_control_headers?
-      false
-    end
-
     def body; end
   end
 end

lib/rubygems/webauthn_listener/response/response_no_content.rb

@@ -7,8 +7,4 @@ class Gem::WebauthnListener::ResponseNoContent < Gem::WebauthnListener::Response
   def status
     "204 No Content"
   end
-
-  def add_access_control_headers?
-    true
-  end
 end

lib/rubygems/webauthn_listener/response/response_ok.rb

@@ -8,10 +8,6 @@ class Gem::WebauthnListener::ResponseOk < Gem::WebauthnListener::Response
     "200 OK"
   end
 
-  def add_access_control_headers?
-    true
-  end
-
   def body
     "success"
   end

test/rubygems/test_webauthn_listener_response.rb

@@ -57,6 +57,9 @@ class WebauthnListenerResponseTest < Gem::TestCase
     expected_payload = <<~RESPONSE
       HTTP/1.1 405 Method Not Allowed
       Connection: close
+      Access-Control-Allow-Origin: rubygems.example
+      Access-Control-Allow-Methods: POST
+      Access-Control-Allow-Headers: Content-Type, Authorization, x-csrf-token
       Allow: GET, OPTIONS
     RESPONSE
 
@@ -69,6 +72,9 @@ class WebauthnListenerResponseTest < Gem::TestCase
     expected_payload = <<~RESPONSE
       HTTP/1.1 404 Not Found
       Connection: close
+      Access-Control-Allow-Origin: rubygems.example
+      Access-Control-Allow-Methods: POST
+      Access-Control-Allow-Headers: Content-Type, Authorization, x-csrf-token
     RESPONSE
 
     assert_equal expected_payload, payload
@@ -80,6 +86,9 @@ class WebauthnListenerResponseTest < Gem::TestCase
     expected_payload = <<~RESPONSE
       HTTP/1.1 400 Bad Request
       Connection: close
+      Access-Control-Allow-Origin: rubygems.example
+      Access-Control-Allow-Methods: POST
+      Access-Control-Allow-Headers: Content-Type, Authorization, x-csrf-token
       Content-Type: text/plain
       Content-Length: 22