Implement Cross-Origin Resource Sharing:

* Add Api::ApplicationController * Route OPTION requests (CORS preflight) to API application controller * Filter all API requests through #cor_filter in API application controller
2012-02-26 14:10:19 +00:00
parent 88d3242843
commit 6379da88e2
6 changed files with 118 additions and 1 deletions
--- a/app/controllers/api/application_controller.rb
+++ b/app/controllers/api/application_controller.rb
@@ -0,0 +1,14 @@
+class Api::ApplicationController < ApplicationController
+  before_filter :cor_filter
+
+  def cor_filter
+    headers['Access-Control-Allow-Origin'] = request.headers['Origin']
+  end
+
+  def cor_preflight
+    headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, DELETE'
+    headers['Access-Control-Allow-Headers'] = 'Content-Type, X-Requested-With'
+
+    head :ok
+  end
+end
--- a/app/controllers/api/v0/playlists_controller.rb
+++ b/app/controllers/api/v0/playlists_controller.rb
@@ -1,4 +1,4 @@
-class Api::V0::PlaylistsController < ApplicationController
+class Api::V0::PlaylistsController < Api::ApplicationController
  respond_to :json

  def index