New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

restrict CORS to /api/ routes #1585

Merged
merged 1 commit into from Oct 2, 2017

Conversation

Projects
None yet
2 participants
@jseppi
Contributor

jseppi commented Oct 2, 2017

and only allow read-only methods (GET and OPTIONS).

Fixes #1583.

James Seppi
restrict CORS to /api/ routes
and only allow read-only methods (GET and OPTIONS)

@jseppi jseppi self-assigned this Oct 2, 2017

@jseppi jseppi requested a review from toolness Oct 2, 2017

@toolness

This seems good, 🤞 that CloudFront and/or API Umbrella don't somehow mess this up.

@jseppi jseppi merged commit 570e10a into develop Oct 2, 2017

3 checks passed

ci/circleci Your tests passed on CircleCI!
Details
codeclimate All good!
Details
codeclimate/total-coverage 96% (0.0% change)
Details

@jseppi jseppi deleted the 1583-restrict-cors branch Oct 2, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment