X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/673b58f96f3acfd0281c62a2a7f080825b6fb28b..32c3000af7c2c4016b75abf5a396262e28aabd72:/config/initializers/cors.rb diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb index 2bd558d2f..7992ecdce 100644 --- a/config/initializers/cors.rb +++ b/config/initializers/cors.rb @@ -1,4 +1,4 @@ -require "rack/cors" +# Be sure to restart your server when you modify this file. # Mark CORS responses as uncacheable as we don't want a browser to # try and reuse a response that had a different origin, even with @@ -18,7 +18,7 @@ end # so browser-requests should be similarly permitted. (Though the API does not # require any custom headers, Ajax frameworks may automatically add headers # such as X-Requested-By to requests.) -Rails.configuration.middleware.use OpenStreetMap::Cors do +Rails.application.config.middleware.insert_before 0, OpenStreetMap::Cors do allow do origins "*" resource "/oauth/*", :headers => :any, :methods => [:get, :post]