CORS tweaks

author: Beatrix Bitrot <=> 2017-04-22 00:55:14 +0000
committer: beatrix-bitrot <beatrix.bitrot@gmail.com> 2017-06-23 21:45:14 +0000
commit: a337c5dbe50ea9fad8f45ae93513c970c46ff2d0 (patch)
tree: dc5ef719edc6c27148bd563173a6e1f6ce27746e /config/application.rb
parent: c0979381a4dd7541ab1d70647dbb2838e7496100 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/config/application.rb b/config/application.rb
index 6b121009e..ac63e0e94 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -67,9 +67,11 @@ module Mastodon
 
     config.active_job.queue_adapter = :sidekiq
 
+    #config.middleware.insert_before 0, Rack::Cors, debug: true, logger: (-> { Rails.logger }) do
     config.middleware.insert_before 0, Rack::Cors do
       allow do
         origins  '*'
+        resource '/assets/*', headers: :any, methods: [:get, :head, :options]
         resource '/@:username',  headers: :any, methods: [:get], credentials: false
         resource '/api/*',       headers: :any, methods: [:post, :put, :delete, :get, :patch, :options], credentials: false, expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id']
         resource '/oauth/token', headers: :any, methods: [:post], credentials: false
author	Beatrix Bitrot <=>	2017-04-22 00:55:14 +0000
committer	beatrix-bitrot <beatrix.bitrot@gmail.com>	2017-06-23 21:45:14 +0000
commit	a337c5dbe50ea9fad8f45ae93513c970c46ff2d0 (patch)
tree	dc5ef719edc6c27148bd563173a6e1f6ce27746e /config/application.rb
parent	c0979381a4dd7541ab1d70647dbb2838e7496100 (diff)