IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: CORS settings per-site in a multisite env

Browse Source
This commit is contained in:
Neil Lalonde
2011-10-15 14:00:00 -04:00
parent bb59798066
commit f88075cbba
4 changed files with 19 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
config/initializers/08-rack-cors.rb
View File

@@ -1,24 +1,30 @@
if GlobalSetting.enable_cors && GlobalSetting.cors_origin.present?
if GlobalSetting.enable_cors
class Discourse::Cors
def initialize(app, options = nil)
@app = app
@origins = GlobalSetting.cors_origin.split(',').map(&:strip)
if GlobalSetting.enable_cors && GlobalSetting.cors_origin.present?
@global_origins = GlobalSetting.cors_origin.split(',').map(&:strip)
end
end
def call(env)
status, headers, body = @app.call(env)
origin = nil
cors_origins = @global_origins || []
cors_origins += SiteSetting.cors_origins.split('|') if SiteSetting.cors_origins
if origin = env['HTTP_ORIGIN']
origin = nil unless @origins.include? origin
if cors_origins
if origin = env['HTTP_ORIGIN']
origin = nil unless cors_origins.include?(origin)
end
headers['Access-Control-Allow-Origin'] = origin || cors_origins[0]
headers['Access-Control-Allow-Credentials'] = "true"
end
headers['Access-Control-Allow-Origin'] = origin || @origins[0]
headers['Access-Control-Allow-Credentials'] = "true"
[status,headers,body]
end
end
Rails.configuration.middleware.insert 0, Discourse::Cors
Rails.configuration.middleware.use Discourse::Cors
end