tykayn/mastodon
1
0
Fork 0
mirror of https://framagit.org/tykayn/mastodon.git synced 2023-08-25 08:33:12 +02:00
Code Issues Projects Releases Wiki Activity

Use same CORS policy for /@:username and /users/:username (#9485)

Browse Source 
Fixes #8189

rack-cors being called before the application router, it does not follow
the redirection, and we need a separate rule for /users/:username.
This commit is contained in:
ThibG 2018-12-10 21:39:47 +01:00 committed by Eugen Rochko
parent ed24bb2c3e
commit 3f12c07ff5
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config/initializers/cors.rb
View File

@ -17,6 +17,10 @@ Rails.application.config.middleware.insert_before 0, Rack::Cors do
headers: :any, headers: :any,
methods: [:get], methods: [:get],
credentials: false credentials: false
resource '/users/:username',
headers: :any,
methods: [:get],
credentials: false
resource '/api/*', resource '/api/*',
headers: :any, headers: :any,
methods: [:post, :put, :delete, :get, :patch, :options], methods: [:post, :put, :delete, :get, :patch, :options],