Module: TokenAuth::Concerns::CorsSettings

Included in:: Api::AuthenticationTokensController, Api::PayloadsController, ApiResources

Defined in:: app/controllers/token_auth/concerns/cors_settings.rb

Overview

Allow cross-domain requests.

Instance Method Summary collapse

#cors_set_access_control_headers(allow_methods:, allow_headers: "") ⇒ Object

Instance Method Details

#cors_set_access_control_headers(allow_methods:, allow_headers: "") ⇒ `Object`

# File 'app/controllers/token_auth/concerns/cors_settings.rb', line 6

def cors_set_access_control_headers(allow_methods:, allow_headers: "")
  headers["Access-Control-Allow-Origin"] = "*"
  headers["Access-Control-Allow-Methods"] = allow_methods
  headers["Access-Control-Allow-Headers"] = [
    "Content-Type",
    allow_headers
  ].join(", ")
end