diff options
author | Yamagishi Kazutoshi <ykzts@desire.sh> | 2018-04-12 21:45:17 +0900 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2018-04-12 14:45:17 +0200 |
commit | 50529cbceb84e611bca497624a7a4c38113e5135 (patch) | |
tree | 753e4e8975f0404717e451fceb64d341f19435fc /config/initializers/cors.rb | |
parent | 8e88a18316d45a459a31d67487bccc247592d187 (diff) |
Upgrade Rails to version 5.2.0 (#5898)
Diffstat (limited to 'config/initializers/cors.rb')
-rw-r--r-- | config/initializers/cors.rb | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb new file mode 100644 index 000000000..681a7498f --- /dev/null +++ b/config/initializers/cors.rb @@ -0,0 +1,26 @@ +# Be sure to restart your server when you modify this file. + +# Avoid CORS issues when API is called from the frontend app. +# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests. + +# Read more: https://github.com/cyu/rack-cors + +Rails.application.config.middleware.insert_before 0, Rack::Cors do + allow do + origins '*' + + resource '/@:username', + headers: :any, + methods: [:get], + credentials: false + resource '/api/*', + headers: :any, + methods: [:post, :put, :delete, :get, :patch, :options], + credentials: false, + expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id'] + resource '/oauth/token', + headers: :any, + methods: [:post], + credentials: false + end +end |