diff options
author | ThibG <thib@sitedethib.com> | 2018-12-10 21:39:47 +0100 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2018-12-10 21:39:47 +0100 |
commit | 3f12c07ff5f60d22cfbff050a2639345ecbaec57 (patch) | |
tree | d970b7ba33627d6bc0ccc4f30d338b110307117b /config/initializers | |
parent | ed24bb2c3ecf82521be0685f59ecdee77c6fff39 (diff) |
Use same CORS policy for /@:username and /users/:username (#9485)
Fixes #8189 rack-cors being called before the application router, it does not follow the redirection, and we need a separate rule for /users/:username.
Diffstat (limited to 'config/initializers')
-rw-r--r-- | config/initializers/cors.rb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb index 36d3663cb..55f8c9c91 100644 --- a/config/initializers/cors.rb +++ b/config/initializers/cors.rb @@ -17,6 +17,10 @@ Rails.application.config.middleware.insert_before 0, Rack::Cors do headers: :any, methods: [:get], credentials: false + resource '/users/:username', + headers: :any, + methods: [:get], + credentials: false resource '/api/*', headers: :any, methods: [:post, :put, :delete, :get, :patch, :options], |