Use same CORS policy for /@:username and /users/:username (#9485)

author ThibG <thib@sitedethib.com>

Mon, 10 Dec 2018 20:39:47 +0000 (21:39 +0100)

committer Eugen Rochko <eugen@zeonfederated.com>

Mon, 10 Dec 2018 20:39:47 +0000 (21:39 +0100)
author ThibG <thib@sitedethib.com>
Mon, 10 Dec 2018 20:39:47 +0000 (21:39 +0100)
committer Eugen Rochko <eugen@zeonfederated.com>
Mon, 10 Dec 2018 20:39:47 +0000 (21:39 +0100)
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb

index 36d3663cb493e9303dea109dd4a2a15327419b6b..55f8c9c9193c8387770f1e62fdc2b4c1810b8710 100644 (file)
--- a/config/initializers/cors.rb
+++ b/config/initializers/cors.rb
@@ -17,6 +17,10 @@ Rails.application.config.middleware.insert_before 0, Rack::Cors do
        headers: :any,
        methods: [:get],
        credentials: false
+    resource '/users/:username',
+      headers: :any,
+      methods: [:get],
+      credentials: false
      resource '/api/*',
        headers: :any,
        methods: [:post, :put, :delete, :get, :patch, :options],
author	ThibG <thib@sitedethib.com>
	Mon, 10 Dec 2018 20:39:47 +0000 (21:39 +0100)
committer	Eugen Rochko <eugen@zeonfederated.com>
	Mon, 10 Dec 2018 20:39:47 +0000 (21:39 +0100)