Permalink
Browse files

Restrict CORS to API only

Previously this was missing the leading slash
  • Loading branch information...
nikolai-b committed Aug 13, 2018
1 parent a59913a commit a2906f630b033fa44182ca55a9e91d04f2738ea8
Showing with 1 addition and 1 deletion.
  1. +1 −1 config/initializers/cors.rb
@@ -5,7 +5,7 @@ class Application < Rails::Application
config.middleware.insert_before 0, "Rack::Cors" do
allow do
origins '*'
resource '*', headers: :any, methods: [:get, :post, :options], credentials: false
resource '/api/*', headers: :any, methods: [:get, :post, :options], credentials: false
end
end
end

0 comments on commit a2906f6

Please sign in to comment.