Sha256: 398f1b7653e7c6a1834ee516c34828b1adbf1f1982dbbde24d5ef0f0cac43af2

Contents?: true

Size: 912 Bytes

Versions: 5

Compression:

Stored size: 912 Bytes

Contents

class Simple::Httpd::BaseController
  # see https://fetch.spec.whatwg.org/#http-responses
  # see https://stackoverflow.com/questions/24264574/cors-headers-present-only-on-preflight-or-every-request

  options "*" do
    # The Access-Control max age setting is cached for up to 1 day. This value
    # is capped at different values depending on the browser.
    headers "Access-Control-Max-Age" => "86400"
    headers "Access-Control-Allow-Methods" => "*"
    headers "Access-Control-Allow-Headers" => "Origin,X-Requested-With,Content-Type,Accept,Session-Id"
    headers "Access-Control-Expose-Headers" => "X-Total-Entries,X-Total-Pages,X-Page,X-Per-Page"

    200
  end

  after do
    # This set of CORS headers must be set on each request.
    headers "Access-Control-Allow-Credentials" => "true",
            "Access-Control-Allow-Origin" => origin,
            "Vary" => "Accept-Encoding, Origin"
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
simple-httpd-0.4.3 lib/simple/httpd/base_controller/cors.rb
simple-httpd-0.4.2 lib/simple/httpd/base_controller/cors.rb
simple-httpd-0.4.1 lib/simple/httpd/base_controller/cors.rb
simple-httpd-0.4.0 lib/simple/httpd/base_controller/cors.rb
simple-httpd-0.3.5 lib/simple/httpd/base_controller/cors.rb