Upgrade Rails to version 5.2.0 (#5898)

author: Yamagishi Kazutoshi <ykzts@desire.sh> 2018-04-12 21:45:17 +0900
committer: Eugen Rochko <eugen@zeonfederated.com> 2018-04-12 14:45:17 +0200
commit: 50529cbceb84e611bca497624a7a4c38113e5135 (patch)
tree: 753e4e8975f0404717e451fceb64d341f19435fc /config/initializers/cors.rb
parent: 8e88a18316d45a459a31d67487bccc247592d187 (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
new file mode 100644
index 000000000..681a7498f
--- /dev/null
+++ b/config/initializers/cors.rb
@@ -0,0 +1,26 @@
+# Be sure to restart your server when you modify this file.
+
+# Avoid CORS issues when API is called from the frontend app.
+# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests.
+
+# Read more: https://github.com/cyu/rack-cors
+
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+  allow do
+    origins '*'
+
+    resource '/@:username',
+      headers: :any,
+      methods: [:get],
+      credentials: false
+    resource '/api/*',
+      headers: :any,
+      methods: [:post, :put, :delete, :get, :patch, :options],
+      credentials: false,
+      expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id']
+    resource '/oauth/token',
+      headers: :any,
+      methods: [:post],
+      credentials: false
+  end
+end
author	Yamagishi Kazutoshi <ykzts@desire.sh>	2018-04-12 21:45:17 +0900
committer	Eugen Rochko <eugen@zeonfederated.com>	2018-04-12 14:45:17 +0200
commit	50529cbceb84e611bca497624a7a4c38113e5135 (patch)
tree	753e4e8975f0404717e451fceb64d341f19435fc /config/initializers/cors.rb
parent	8e88a18316d45a459a31d67487bccc247592d187 (diff)