X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/3426976606d30278fcf5ed279d3c95900785c4a5..bf4d8fc2d0e9fa8f828ff9a6b1dc7c6e0a41170b:/config/initializers/cors.rb?ds=inline diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb index 7992ecdce..e7b813b73 100644 --- a/config/initializers/cors.rb +++ b/config/initializers/cors.rb @@ -6,7 +6,7 @@ module OpenStreetMap class Cors < Rack::Cors def call(env) - status, headers, body = super env + status, headers, body = super headers["Cache-Control"] = "no-cache" if headers["Access-Control-Allow-Origin"] [status, headers, body] end @@ -22,9 +22,13 @@ Rails.application.config.middleware.insert_before 0, OpenStreetMap::Cors do allow do origins "*" resource "/oauth/*", :headers => :any, :methods => [:get, :post] + resource "/oauth2/token", :headers => :any, :methods => [:post] + resource "/oauth2/revoke", :headers => :any, :methods => [:post] + resource "/oauth2/introspect", :headers => :any, :methods => [:post] resource "/api/*", :headers => :any, :methods => [:get, :post, :put, :delete] resource "/diary/rss", :headers => :any, :methods => [:get] resource "/diary/*/rss", :headers => :any, :methods => [:get] + resource "/trace/*/data", :headers => :any, :methods => [:get] resource "/user/*/diary/rss", :headers => :any, :methods => [:get] end end