From 8694cb4b92c00d0edba6c48927daca97caad24e1 Mon Sep 17 00:00:00 2001 From: Piotr Sarnacki Date: Wed, 18 Jun 2014 14:59:33 +0200 Subject: [PATCH] Revert "Serve CORS from app" This reverts commit 7f66d4bce984c51d99b16c116ae1907ddf60eddc. --- config/nginx.conf.erb | 21 +++++++++++++++++++++ lib/travis/api/app.rb | 2 +- 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/config/nginx.conf.erb b/config/nginx.conf.erb index b901bab8..2e0a0142 100644 --- a/config/nginx.conf.erb +++ b/config/nginx.conf.erb @@ -34,6 +34,27 @@ http { keepalive_timeout 5; location / { + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Expose-Headers' 'Content-Type, Cache-Control, Expires, Etag, Last-Modified'; + + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Expose-Headers' 'Content-Type, Cache-Control, Expires, Etag, Last-Modified'; + + # Tell browser to cache this pre-flight info for 20 days + add_header 'Access-Control-Max-Age' 1728000; + + add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, PATCH, PUT, DELETE, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, Accept, If-None-Match, If-Modified-Since'; + + add_header 'Content-Length' 0; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + + return 204; + } + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; diff --git a/lib/travis/api/app.rb b/lib/travis/api/app.rb index 59b7dacc..f099787f 100644 --- a/lib/travis/api/app.rb +++ b/lib/travis/api/app.rb @@ -87,7 +87,7 @@ module Travis::Api [ 420, {}, ['Enhance Your Calm']] end - use Travis::Api::App::Cors + use Travis::Api::App::Cors if Travis.env == 'development' use Raven::Rack if Endpoint.production? use Rack::Protection::PathTraversal use Rack::SSL if Endpoint.production?