Merge pull request #2990 from stevenh512/rack-cors
Cross-Origin Resource Sharing
This commit is contained in:
Maxwell Salzberg
commit
dbe7a4c72b
4 changed files with 15 additions and 8 deletions
4
Gemfile
4
Gemfile
|
|
@ -8,6 +8,10 @@ gem 'whenever'
|
||||||
|
|
||||||
gem 'thin', '~> 1.3.1', :require => false
|
gem 'thin', '~> 1.3.1', :require => false
|
||||||
|
|
||||||
|
# cross-origin resource sharing
|
||||||
|
|
||||||
|
gem 'rack-cors', '~> 0.2.4', :require => 'rack/cors'
|
||||||
|
|
||||||
# authentication
|
# authentication
|
||||||
|
|
||||||
gem 'devise', '~> 1.3.1'
|
gem 'devise', '~> 1.3.1'
|
||||||
|
|
|
||||||
|
|
@ -300,6 +300,8 @@ GEM
|
||||||
polyglot (0.3.3)
|
polyglot (0.3.3)
|
||||||
proxies (0.2.1)
|
proxies (0.2.1)
|
||||||
rack (1.2.5)
|
rack (1.2.5)
|
||||||
|
rack-cors (0.2.4)
|
||||||
|
rack
|
||||||
rack-fiber_pool (0.9.2)
|
rack-fiber_pool (0.9.2)
|
||||||
rack-google-analytics (0.10.0)
|
rack-google-analytics (0.10.0)
|
||||||
rack-mobile-detect (0.3.0)
|
rack-mobile-detect (0.3.0)
|
||||||
|
|
@ -496,6 +498,7 @@ DEPENDENCIES
|
||||||
omniauth-twitter
|
omniauth-twitter
|
||||||
parallel_tests
|
parallel_tests
|
||||||
pg
|
pg
|
||||||
|
rack-cors (~> 0.2.4)
|
||||||
rack-google-analytics
|
rack-google-analytics
|
||||||
rack-piwik
|
rack-piwik
|
||||||
rack-rewrite (~> 1.2.1)
|
rack-rewrite (~> 1.2.1)
|
||||||
|
|
|
||||||
|
|
@ -17,7 +17,6 @@ class PublicsController < ApplicationController
|
||||||
|
|
||||||
skip_before_filter :set_header_data
|
skip_before_filter :set_header_data
|
||||||
skip_before_filter :set_grammatical_gender
|
skip_before_filter :set_grammatical_gender
|
||||||
before_filter :allow_cross_origin, :only => [:hcard, :host_meta, :webfinger]
|
|
||||||
before_filter :check_for_xml, :only => [:receive, :receive_public]
|
before_filter :check_for_xml, :only => [:receive, :receive_public]
|
||||||
before_filter :authenticate_user!, :only => [:index]
|
before_filter :authenticate_user!, :only => [:index]
|
||||||
|
|
||||||
|
|
@ -82,12 +81,6 @@ class PublicsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
def allow_cross_origin
|
|
||||||
headers["Access-Control-Allow-Origin"] = "*"
|
|
||||||
end
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def check_for_xml
|
def check_for_xml
|
||||||
|
|
|
||||||
7
config/initializers/cors.rb
Normal file
7
config/initializers/cors.rb
Normal file
|
|
@ -0,0 +1,7 @@
|
||||||
|
Rails.application.config.middleware.insert 0, Rack::Cors do
|
||||||
|
allow do
|
||||||
|
origins '*'
|
||||||
|
resource '/.well-known/host-meta'
|
||||||
|
resource '/webfinger'
|
||||||
|
end
|
||||||
|
end
|
||||||
Loading…
Reference in a new issue