6379da88e2
* Add Api::ApplicationController * Route OPTION requests (CORS preflight) to API application controller * Filter all API requests through #cor_filter in API application controller
15 lines
375 B
Ruby
15 lines
375 B
Ruby
class Api::ApplicationController < ApplicationController
|
|
before_filter :cor_filter
|
|
|
|
def cor_filter
|
|
headers['Access-Control-Allow-Origin'] = request.headers['Origin']
|
|
end
|
|
|
|
def cor_preflight
|
|
headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, DELETE'
|
|
headers['Access-Control-Allow-Headers'] = 'Content-Type, X-Requested-With'
|
|
|
|
head :ok
|
|
end
|
|
end
|