Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,429 Commits 179 Branches 500 Tags 935 MiB
Commit Graph

8 Commits

Author SHA1 Message Date
Aaron Boushley 60aa52b753 Enable CORS requests to pass necessary headers. 
To fully enable session deletion over CORS we need support for passing the
`X-Requested-With` header so that these requests can pass the `check-xhr` filter.

I also allowed the `X-CSRF-Token` to enable the alternative CSRF passing syntax.
 2015-05-14 09:46:41 -07:00
Robin Ward 963b08f063 Allow OPTIONS requests when CORS is enabled 2015-05-14 11:14:47 -04:00
Neil Lalonde f88075cbba FEATURE: CORS settings per-site in a multisite env 2014-10-15 15:20:39 -04:00
Vikhyat Korrapati 2f30ce79c8 Add Access-Control-Allow-Credentials to the CORS headers. 2014-07-30 02:36:30 +05:30
Sam 46c406360d FIX: cors setting was broken 
Some days I wonder why we bother taking a whole gem
dependency when 10 lines of code does the job right
 2014-07-23 17:04:09 +10:00
Neil Lalonde 10f0ddbbdd Make it possible to add multiple CORS origins in discourse.conf and docker yml files 2014-06-13 14:47:19 -04:00
slainer68 a89018db87 Use GlobalSetting to enable CORS at application level 2014-02-09 23:11:52 -08:00
slainer68 467c76b2c0 Implements support for rack-cors for API JavaScript access in end-user browser 2013-04-22 11:16:58 +02:00