rack-cors 2.0.0.rc1 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +1 -0
- data/README.md +12 -1
- data/lib/rack/cors/resource.rb +1 -1
- data/lib/rack/cors/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6edbdc45ea6ee992d901d2247a525bbc9b5073ad30cbde1ea8de9cf3addb87a2
|
|
4
|
+
data.tar.gz: 164c53dabece23422babf95ac1ecf108f3e0f44cf8101781ea30df290ff7ddc7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 90c845fbb2c197c33dce3902684dc284ea2ad888d2d57d3a62454f4fd6fa3612a2c23d3a1d97394929a44e0dfdff4513ca533d6ff820975f020c482adda35b08
|
|
7
|
+
data.tar.gz: da1506992c2f78e26c9f045b996843d3ce2af0bcce85425c3af38c53fdd2f240b064e5753a8e86e80b30563b63537b46b1528b05f1d98625e1b65225e5d892dc
|
data/CHANGELOG.md
CHANGED
|
@@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file.
|
|
|
6
6
|
- Refactored codebase
|
|
7
7
|
- Support declaring custom protocols in origin
|
|
8
8
|
- Lowercased header names as defined by Rack spec
|
|
9
|
+
- Fix issue with duplicate headers because of header name case
|
|
9
10
|
|
|
10
11
|
## 1.1.1 - 2019-12-29
|
|
11
12
|
### Changed
|
data/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
`Rack::Cors` provides support for Cross-Origin Resource Sharing (CORS) for Rack compatible web applications.
|
|
4
4
|
|
|
5
|
-
The [CORS spec](http://www.w3.org/TR/cors/) allows web applications to make cross domain AJAX calls without using workarounds such as JSONP. See [
|
|
5
|
+
The [CORS spec](http://www.w3.org/TR/cors/) allows web applications to make cross domain AJAX calls without using workarounds such as JSONP. See [further explanations on MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)
|
|
6
6
|
|
|
7
7
|
## Installation
|
|
8
8
|
|
|
@@ -33,6 +33,8 @@ Rails.application.config.middleware.insert_before 0, Rack::Cors do
|
|
|
33
33
|
end
|
|
34
34
|
```
|
|
35
35
|
|
|
36
|
+
NOTE: If you create application with `--api` option, configuration automatically generate in `config/initializers/cors.rb`.
|
|
37
|
+
|
|
36
38
|
We use `insert_before` to make sure `Rack::Cors` runs at the beginning of the stack to make sure it isn't interfered with by other middleware (see `Rack::Cache` note in **Common Gotchas** section). Basic setup examples for Rails 5 & Rails 6 can be found in the examples/ directory.
|
|
37
39
|
|
|
38
40
|
See The [Rails Guide to Rack](http://guides.rubyonrails.org/rails_on_rack.html) for more details on rack middlewares or watch the [railscast](http://railscasts.com/episodes/151-rack-middleware).
|
|
@@ -147,3 +149,12 @@ RAILS_ENV=production bundle exec rake middleware
|
|
|
147
149
|
If you trying to serve CORS headers on static assets (like CSS, JS, Font files), keep in mind that static files are usually served directly from web servers and never runs through the Rails container (including the middleware stack where `Rack::Cors` resides).
|
|
148
150
|
|
|
149
151
|
In Heroku, you can serve static assets through the Rails container by setting `config.serve_static_assets = true` in `production.rb`.
|
|
152
|
+
|
|
153
|
+
### Custom Protocols (chrome-extension://, ionic://, etc.)
|
|
154
|
+
|
|
155
|
+
Prior to 2.0.0, `http://`, `https://`, and `file://` are the only protocols supported in the `origins` list. If you wish to specify an origin that
|
|
156
|
+
has a custom protocol (`chrome-extension://`, `ionic://`, etc.) simply exclude the protocol. [See issue.](https://github.com/cyu/rack-cors/issues/100)
|
|
157
|
+
|
|
158
|
+
For example, instead of specifying `chrome-extension://aomjjhallfgjeglblehebfpbcfeobpga` specify `aomjjhallfgjeglblehebfpbcfeobpga` in `origins`.
|
|
159
|
+
|
|
160
|
+
As of 2.0.0 (currently in RC1), you can specify origins with a custom protocol.
|
data/lib/rack/cors/resource.rb
CHANGED
|
@@ -83,7 +83,7 @@ module Rack
|
|
|
83
83
|
|
|
84
84
|
def to_preflight_headers(env)
|
|
85
85
|
h = to_headers(env)
|
|
86
|
-
h.merge!('
|
|
86
|
+
h.merge!('access-control-allow-headers' => env[Rack::Cors::HTTP_ACCESS_CONTROL_REQUEST_HEADERS]) if env[Rack::Cors::HTTP_ACCESS_CONTROL_REQUEST_HEADERS]
|
|
87
87
|
h
|
|
88
88
|
end
|
|
89
89
|
|
data/lib/rack/cors/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-cors
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.0
|
|
4
|
+
version: 2.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Calvin Yu
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-02-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|
|
@@ -177,11 +177,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
177
177
|
version: '0'
|
|
178
178
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
179
179
|
requirements:
|
|
180
|
-
- - "
|
|
180
|
+
- - ">="
|
|
181
181
|
- !ruby/object:Gem::Version
|
|
182
|
-
version:
|
|
182
|
+
version: '0'
|
|
183
183
|
requirements: []
|
|
184
|
-
rubygems_version: 3.
|
|
184
|
+
rubygems_version: 3.1.2
|
|
185
185
|
signing_key:
|
|
186
186
|
specification_version: 4
|
|
187
187
|
summary: Middleware for enabling Cross-Origin Resource Sharing in Rack apps
|