dark-firepit/mastodon
Archived
5
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
This repository has been archived on 2023-07-01. You can view files and clone it, but cannot push or open issues or pull requests.
mastodon/config/initializers/cors.rb
Thibaut Girka 65e994b29b Merge branch 'master' into glitch-soc/merge-upstream 
Conflicts:
- app/controllers/directories_controller.rb
- app/controllers/settings/applications_controller.rb
- app/controllers/settings/base_controller.rb
- app/controllers/settings/deletes_controller.rb
- app/controllers/settings/exports_controller.rb
- app/controllers/settings/follower_domains_controller.rb
- app/controllers/settings/imports_controller.rb
- app/controllers/settings/migrations_controller.rb
- app/controllers/settings/notifications_controller.rb
- app/controllers/settings/preferences_controller.rb
- app/controllers/settings/sessions_controller.rb
- app/controllers/settings/two_factor_authentication/confirmations_controller.rb
- app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb
- app/controllers/settings/two_factor_authentications_controller.rb

Conflicts were due to some refactoring already made in glitch-soc
when introducing flavours.
2018-12-15 10:45:53 +01:00

39 lines
1.3 KiB
Ruby
Raw Permalink Blame History

# Be sure to restart your server when you modify this file.
# Avoid CORS issues when API is called from the frontend app.
# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests.
# Read more: https://github.com/cyu/rack-cors
Rails.application.config.middleware.insert_before 0, Rack::Cors do
allow do
origins '*'
resource '/.well-known/*',
headers: :any,
methods: [:get],
credentials: false
resource '/@:username',
headers: :any,
methods: [:get],
credentials: false
resource '/users/:username',
headers: :any,
methods: [:get],
credentials: false
resource '/api/*',
headers: :any,
methods: [:post, :put, :delete, :get, :patch, :options],
credentials: false,
expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id']
resource '/oauth/token',
headers: :any,
methods: [:post],
credentials: false
resource '/assets/*', headers: :any, methods: [:get, :head, :options]
resource '/stylesheets/*', headers: :any, methods: [:get, :head, :options]
resource '/javascripts/*', headers: :any, methods: [:get, :head, :options]
resource '/packs/*', headers: :any, methods: [:get, :head, :options]
end
end
Reference in a new issue View git blame Copy permalink