Allow API consumer to send credentials on cross-origin requests

2012-03-13 21:12:24 +00:00
parent 196ea16a94
commit 499b06c9e5
2 changed files with 3 additions and 0 deletions
--- a/app/controllers/api/application_controller.rb
+++ b/app/controllers/api/application_controller.rb
@@ -3,6 +3,7 @@ class Api::ApplicationController < ApplicationController

  def cor_filter
    headers['Access-Control-Allow-Origin'] = request.headers['Origin']
+    headers['Access-Control-Allow-Credentials'] = 'true'
  end

  def cor_preflight