2023-07-12 17:47:08 +10:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2018-04-12 22:45:17 +10:00
|
|
|
# Be sure to restart your server when you modify this file.
|
|
|
|
|
|
|
|
# Avoid CORS issues when API is called from the frontend app.
|
|
|
|
# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests.
|
|
|
|
|
|
|
|
# Read more: https://github.com/cyu/rack-cors
|
|
|
|
|
|
|
|
Rails.application.config.middleware.insert_before 0, Rack::Cors do
|
|
|
|
allow do
|
|
|
|
origins '*'
|
|
|
|
|
2018-10-25 12:13:35 +11:00
|
|
|
resource '/.well-known/*',
|
|
|
|
headers: :any,
|
|
|
|
methods: [:get],
|
|
|
|
credentials: false
|
2018-04-12 22:45:17 +10:00
|
|
|
resource '/@:username',
|
|
|
|
headers: :any,
|
|
|
|
methods: [:get],
|
|
|
|
credentials: false
|
2018-12-11 07:39:47 +11:00
|
|
|
resource '/users/:username',
|
|
|
|
headers: :any,
|
|
|
|
methods: [:get],
|
|
|
|
credentials: false
|
2018-04-12 22:45:17 +10:00
|
|
|
resource '/api/*',
|
|
|
|
headers: :any,
|
|
|
|
methods: [:post, :put, :delete, :get, :patch, :options],
|
|
|
|
credentials: false,
|
|
|
|
expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id']
|
|
|
|
resource '/oauth/token',
|
|
|
|
headers: :any,
|
|
|
|
methods: [:post],
|
|
|
|
credentials: false
|
|
|
|
end
|
|
|
|
end
|