5d2cdb40f5
fixes: #3070
31 lines
1.4 KiB
Ruby
31 lines
1.4 KiB
Ruby
# config/initializers/cors.rb
|
|
# ref: https://github.com/cyu/rack-cors
|
|
|
|
# font cors issue with CDN
|
|
# Ref: https://stackoverflow.com/questions/56960709/rails-font-cors-policy
|
|
Rails.application.config.middleware.insert_before 0, Rack::Cors do
|
|
allow do
|
|
origins '*'
|
|
resource '/packs/*', headers: :any, methods: [:get, :options]
|
|
resource '/audio/*', headers: :any, methods: [:get, :options]
|
|
# Make the public endpoints accessible to the frontend
|
|
resource '/public/api/*', headers: :any, methods: :any
|
|
|
|
if ActiveModel::Type::Boolean.new.cast(ENV.fetch('CW_API_ONLY_SERVER', false)) || Rails.env.development?
|
|
resource '*', headers: :any, methods: :any, expose: %w[access-token client uid expiry]
|
|
end
|
|
end
|
|
end
|
|
|
|
################################################
|
|
######### Action Cable Related Config ##########
|
|
################################################
|
|
|
|
# Mount Action Cable outside main process or domain
|
|
# Rails.application.config.action_cable.mount_path = nil
|
|
# Rails.application.config.action_cable.url = 'wss://example.com/cable'
|
|
# Rails.application.config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
|
|
|
|
# To Enable connecting to the API channel public APIs
|
|
# ref : https://medium.com/@emikaijuin/connecting-to-action-cable-without-rails-d39a8aaa52d5
|
|
Rails.application.config.action_cable.disable_request_forgery_protection = true
|