New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add :allow_if config option to http origin for custom accept/reject #108

Merged
merged 4 commits into from Jul 27, 2016

Conversation

Projects
None yet
2 participants
@nathanstitt
Contributor

nathanstitt commented May 29, 2016

In my app I've got a few URL's that can be accessed from anywhere via CORS, but others should remain locked down.

I'm handling the CORS headers on my own, but don't want to disable Rack::Protection altogether, I just need it to ignore a few endpoints

I noticed #95 also adds an allow_if config to FrameOptions, so I chose this name to keep them the same.

Happy to rework as needed.

@nathanstitt

This comment has been minimized.

Show comment
Hide comment
@nathanstitt

nathanstitt Jun 4, 2016

Contributor

It appears that specs are failing randomly on old Ruby version when bundle install fails. #107 has similar issues, but somehow #95 passed. Is there a trick I'm missing or something ?

Contributor

nathanstitt commented Jun 4, 2016

It appears that specs are failing randomly on old Ruby version when bundle install fails. #107 has similar issues, but somehow #95 passed. Is there a trick I'm missing or something ?

@zzak zzak merged commit ae5b2cd into sinatra:master Jul 27, 2016

1 check failed

continuous-integration/travis-ci/pr The Travis CI build could not complete due to an error
Details
@zzak

This comment has been minimized.

Show comment
Hide comment
@zzak

zzak Jul 27, 2016

Member

Rebased and merged, thank you @nathanstitt!

Member

zzak commented Jul 27, 2016

Rebased and merged, thank you @nathanstitt!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment