Merge remote-tracking branch 'origin/master' into gs-master

Conflicts: Gemfile.lock config/application.rb
2018-04-13 16:36:46 -05:00
parent a817f084ea 50529cbceb
commit ed490b781f
22 changed files with 334 additions and 267 deletions
--- a/config/initializers/cors.rb
+++ b/config/initializers/cors.rb
@@ -0,0 +1,30 @@
+# Be sure to restart your server when you modify this file.
+
+# Avoid CORS issues when API is called from the frontend app.
+# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests.
+
+# Read more: https://github.com/cyu/rack-cors
+
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+  allow do
+    origins '*'
+
+    resource '/@:username',
+      headers: :any,
+      methods: [:get],
+      credentials: false
+    resource '/api/*',
+      headers: :any,
+      methods: [:post, :put, :delete, :get, :patch, :options],
+      credentials: false,
+      expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id']
+    resource '/oauth/token',
+      headers: :any,
+      methods: [:post],
+      credentials: false
+    resource '/assets/*', headers: :any, methods: [:get, :head, :options]
+    resource '/stylesheets/*', headers: :any, methods: [:get, :head, :options]
+    resource '/javascripts/*', headers: :any, methods: [:get, :head, :options]
+    resource '/packs/*', headers: :any, methods: [:get, :head, :options]
+  end
+end