From a337c5dbe50ea9fad8f45ae93513c970c46ff2d0 Mon Sep 17 00:00:00 2001 From: Beatrix Bitrot <=> Date: Sat, 22 Apr 2017 00:55:14 +0000 Subject: [PATCH] CORS tweaks --- config/application.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/application.rb b/config/application.rb index 6b121009e1..ac63e0e942 100644 --- a/config/application.rb +++ b/config/application.rb @@ -67,9 +67,11 @@ module Mastodon config.active_job.queue_adapter = :sidekiq + #config.middleware.insert_before 0, Rack::Cors, debug: true, logger: (-> { Rails.logger }) do config.middleware.insert_before 0, Rack::Cors do allow do origins '*' + resource '/assets/*', headers: :any, methods: [:get, :head, :options] resource '/@:username', headers: :any, methods: [:get], credentials: false resource '/api/*', headers: :any, methods: [:post, :put, :delete, :get, :patch, :options], credentials: false, expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id'] resource '/oauth/token', headers: :any, methods: [:post], credentials: false