parent
029209a634
commit
5d2cdb40f5
5 changed files with 32 additions and 62 deletions
|
@ -77,16 +77,4 @@ Rails.application.configure do
|
||||||
Bullet.rails_logger = true
|
Bullet.rails_logger = true
|
||||||
end
|
end
|
||||||
|
|
||||||
# ref: https://github.com/cyu/rack-cors
|
|
||||||
config.middleware.insert_before 0, Rack::Cors do
|
|
||||||
allow do
|
|
||||||
origins '*'
|
|
||||||
resource '/packs/*', headers: :any, methods: [:get, :options]
|
|
||||||
resource '/audio/*', headers: :any, methods: [:get, :options]
|
|
||||||
resource '*', headers: :any, methods: :any, expose: ['access-token', 'client', 'uid', 'expiry']
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
# ref : https://medium.com/@emikaijuin/connecting-to-action-cable-without-rails-d39a8aaa52d5
|
|
||||||
config.action_cable.disable_request_forgery_protection = true
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -42,16 +42,6 @@ Rails.application.configure do
|
||||||
# Store uploaded files on the local file system (see config/storage.yml for options)
|
# Store uploaded files on the local file system (see config/storage.yml for options)
|
||||||
config.active_storage.service = ENV.fetch('ACTIVE_STORAGE_SERVICE', 'local').to_sym
|
config.active_storage.service = ENV.fetch('ACTIVE_STORAGE_SERVICE', 'local').to_sym
|
||||||
|
|
||||||
# Mount Action Cable outside main process or domain
|
|
||||||
# config.action_cable.mount_path = nil
|
|
||||||
# config.action_cable.url = 'wss://example.com/cable'
|
|
||||||
|
|
||||||
# to enable connecting to the API channel public APIs
|
|
||||||
config.action_cable.disable_request_forgery_protection = true
|
|
||||||
# if ENV['FRONTEND_URL'].present?
|
|
||||||
# config.action_cable.allowed_request_origins = [ENV['FRONTEND_URL'], %r{https?://#{URI.parse(ENV['FRONTEND_URL']).host}(:[0-9]+)?}]
|
|
||||||
# end
|
|
||||||
|
|
||||||
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
|
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
|
||||||
config.force_ssl = ActiveModel::Type::Boolean.new.cast(ENV.fetch('FORCE_SSL', false))
|
config.force_ssl = ActiveModel::Type::Boolean.new.cast(ENV.fetch('FORCE_SSL', false))
|
||||||
|
|
||||||
|
@ -113,18 +103,4 @@ Rails.application.configure do
|
||||||
config.action_mailbox.ingress = ENV.fetch('RAILS_INBOUND_EMAIL_SERVICE', 'relay').to_sym
|
config.action_mailbox.ingress = ENV.fetch('RAILS_INBOUND_EMAIL_SERVICE', 'relay').to_sym
|
||||||
|
|
||||||
Rails.application.routes.default_url_options = { host: ENV['FRONTEND_URL'] }
|
Rails.application.routes.default_url_options = { host: ENV['FRONTEND_URL'] }
|
||||||
|
|
||||||
# font cors issue with CDN
|
|
||||||
# Ref: https://stackoverflow.com/questions/56960709/rails-font-cors-policy
|
|
||||||
# ref: https://github.com/cyu/rack-cors
|
|
||||||
config.middleware.insert_before 0, Rack::Cors do
|
|
||||||
allow do
|
|
||||||
origins '*'
|
|
||||||
resource '/packs/*', headers: :any, methods: [:get, :options]
|
|
||||||
resource '/audio/*', headers: :any, methods: [:get, :options]
|
|
||||||
if ActiveModel::Type::Boolean.new.cast(ENV.fetch('CW_API_ONLY_SERVER', false))
|
|
||||||
resource '*', headers: :any, methods: :any, expose: ['access-token', 'client', 'uid', 'expiry']
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -34,11 +34,6 @@ Rails.application.configure do
|
||||||
# config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
|
# config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
|
||||||
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
|
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
|
||||||
|
|
||||||
# Mount Action Cable outside main process or domain
|
|
||||||
# config.action_cable.mount_path = nil
|
|
||||||
# config.action_cable.url = 'wss://example.com/cable'
|
|
||||||
# config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
|
|
||||||
|
|
||||||
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
|
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
|
||||||
config.force_ssl = ActiveModel::Type::Boolean.new.cast(ENV.fetch('FORCE_SSL', false))
|
config.force_ssl = ActiveModel::Type::Boolean.new.cast(ENV.fetch('FORCE_SSL', false))
|
||||||
|
|
||||||
|
@ -80,14 +75,4 @@ Rails.application.configure do
|
||||||
|
|
||||||
# Do not dump schema after migrations.
|
# Do not dump schema after migrations.
|
||||||
config.active_record.dump_schema_after_migration = false
|
config.active_record.dump_schema_after_migration = false
|
||||||
|
|
||||||
# font cors issue with CDN
|
|
||||||
# Ref: https://stackoverflow.com/questions/56960709/rails-font-cors-policy
|
|
||||||
config.middleware.insert_before 0, Rack::Cors do
|
|
||||||
allow do
|
|
||||||
origins '*'
|
|
||||||
resource '/packs/*', headers: :any, methods: [:get, :options]
|
|
||||||
resource '/audio/*', headers: :any, methods: [:get, :options]
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -51,14 +51,4 @@ Rails.application.configure do
|
||||||
# Raises error for missing translations.
|
# Raises error for missing translations.
|
||||||
# config.action_view.raise_on_missing_translations = true
|
# config.action_view.raise_on_missing_translations = true
|
||||||
config.log_level = ENV.fetch('LOG_LEVEL', 'debug').to_sym
|
config.log_level = ENV.fetch('LOG_LEVEL', 'debug').to_sym
|
||||||
|
|
||||||
# font cors issue with CDN
|
|
||||||
# Ref: https://stackoverflow.com/questions/56960709/rails-font-cors-policy
|
|
||||||
config.middleware.insert_before 0, Rack::Cors do
|
|
||||||
allow do
|
|
||||||
origins '*'
|
|
||||||
resource '/packs/*', headers: :any, methods: [:get, :options]
|
|
||||||
resource '/audio/*', headers: :any, methods: [:get, :options]
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
31
config/initializers/cors.rb
Normal file
31
config/initializers/cors.rb
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
# config/initializers/cors.rb
|
||||||
|
# ref: https://github.com/cyu/rack-cors
|
||||||
|
|
||||||
|
# font cors issue with CDN
|
||||||
|
# Ref: https://stackoverflow.com/questions/56960709/rails-font-cors-policy
|
||||||
|
Rails.application.config.middleware.insert_before 0, Rack::Cors do
|
||||||
|
allow do
|
||||||
|
origins '*'
|
||||||
|
resource '/packs/*', headers: :any, methods: [:get, :options]
|
||||||
|
resource '/audio/*', headers: :any, methods: [:get, :options]
|
||||||
|
# Make the public endpoints accessible to the frontend
|
||||||
|
resource '/public/api/*', headers: :any, methods: :any
|
||||||
|
|
||||||
|
if ActiveModel::Type::Boolean.new.cast(ENV.fetch('CW_API_ONLY_SERVER', false)) || Rails.env.development?
|
||||||
|
resource '*', headers: :any, methods: :any, expose: %w[access-token client uid expiry]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################
|
||||||
|
######### Action Cable Related Config ##########
|
||||||
|
################################################
|
||||||
|
|
||||||
|
# Mount Action Cable outside main process or domain
|
||||||
|
# Rails.application.config.action_cable.mount_path = nil
|
||||||
|
# Rails.application.config.action_cable.url = 'wss://example.com/cable'
|
||||||
|
# Rails.application.config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
|
||||||
|
|
||||||
|
# To Enable connecting to the API channel public APIs
|
||||||
|
# ref : https://medium.com/@emikaijuin/connecting-to-action-cable-without-rails-d39a8aaa52d5
|
||||||
|
Rails.application.config.action_cable.disable_request_forgery_protection = true
|
Loading…
Reference in a new issue