diff options
author | Beatrix Bitrot <=> | 2017-04-22 00:55:14 +0000 |
---|---|---|
committer | beatrix-bitrot <beatrix.bitrot@gmail.com> | 2017-06-23 21:45:14 +0000 |
commit | a337c5dbe50ea9fad8f45ae93513c970c46ff2d0 (patch) | |
tree | dc5ef719edc6c27148bd563173a6e1f6ce27746e | |
parent | c0979381a4dd7541ab1d70647dbb2838e7496100 (diff) |
CORS tweaks
-rw-r--r-- | config/application.rb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/config/application.rb b/config/application.rb index 6b121009e..ac63e0e94 100644 --- a/config/application.rb +++ b/config/application.rb @@ -67,9 +67,11 @@ module Mastodon config.active_job.queue_adapter = :sidekiq + #config.middleware.insert_before 0, Rack::Cors, debug: true, logger: (-> { Rails.logger }) do config.middleware.insert_before 0, Rack::Cors do allow do origins '*' + resource '/assets/*', headers: :any, methods: [:get, :head, :options] resource '/@:username', headers: :any, methods: [:get], credentials: false resource '/api/*', headers: :any, methods: [:post, :put, :delete, :get, :patch, :options], credentials: false, expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id'] resource '/oauth/token', headers: :any, methods: [:post], credentials: false |