Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/config/initializers/08-rack-cors.rb

25 lines
642 B
Ruby
Raw Blame History

if GlobalSetting.enable_cors && GlobalSetting.cors_origin.present?
class Discourse::Cors
def initialize(app, options = nil)
@app = app
@origins = GlobalSetting.cors_origin.split(',').map(&:strip)
end
def call(env)
status, headers, body = @app.call(env)
origin = nil
if origin = env['HTTP_ORIGIN']
origin = nil unless @origins.include? origin
end
headers['Access-Control-Allow-Origin'] = origin || @origins[0]
headers['Access-Control-Allow-Credentials'] = "true"
[status,headers,body]
end
end
Rails.configuration.middleware.insert 0, Discourse::Cors
end
Reference in New Issue View Git Blame Copy Permalink