-
Steven Hancock a rédigé
Remove partial support for CORS on webfinger routes and replace it with the Rack::Cors middleware. This provides more complete CORS support and works around a caching issue with nginx on Heroku and potentially other reverse proxies. CORS headers are only added if the incoming request includes an "Origin" header, which seems to be correct according to the CORS spec. closes #2216
Steven Hancock a rédigéRemove partial support for CORS on webfinger routes and replace it with the Rack::Cors middleware. This provides more complete CORS support and works around a caching issue with nginx on Heroku and potentially other reverse proxies. CORS headers are only added if the incoming request includes an "Origin" header, which seems to be correct according to the CORS spec. closes #2216
