Commit 1f4a93fd7c125fec38f4d04934e4705285eda015
Committed by
Antonio Terceiro
Antonio Terceiro
1 parent
dbaf4701
Allow Access-Control-Allow-Credentials in Access-Control-Allow-Origin
(cherry picked from commit e51453fd3b20c01ed6b77b2c4396ec4254fbd403)
Showing
1 changed file
with
1 additions
and
0 deletions
Show diff stats
app/controllers/application_controller.rb
| @@ -28,6 +28,7 @@ class ApplicationController < ActionController::Base | @@ -28,6 +28,7 @@ class ApplicationController < ActionController::Base | ||
| 28 | unless environment.access_control_allow_methods.blank? | 28 | unless environment.access_control_allow_methods.blank? |
| 29 | response.headers["Access-Control-Allow-Methods"] = environment.access_control_allow_methods | 29 | response.headers["Access-Control-Allow-Methods"] = environment.access_control_allow_methods |
| 30 | end | 30 | end |
| 31 | + response.headers["Access-Control-Allow-Credentials"] = 'true' | ||
| 31 | elsif environment.restrict_to_access_control_origins | 32 | elsif environment.restrict_to_access_control_origins |
| 32 | render_access_denied _('Origin not in allowed.') | 33 | render_access_denied _('Origin not in allowed.') |
| 33 | end | 34 | end |