Allow Cross-origin resource sharing for GitLab API

It will allow to write web applications on other domains to interact
with GitLab instances

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
This commit is contained in:
Dmitriy Zaporozhets 2013-12-05 10:29:45 +02:00
parent 23d180f5f1
commit 6edb4c0634
No known key found for this signature in database
GPG key ID: 2CEAFD2671262EC2
3 changed files with 11 additions and 0 deletions

View file

@ -44,6 +44,7 @@ gem "gitlab-linguist", "~> 2.9.6", require: "linguist"
# API
gem "grape", "~> 0.4.1"
gem "grape-entity", "~> 0.3.0"
gem 'rack-cors', require: 'rack/cors'
# Format dates and times
# based on human-friendly examples

View file

@ -335,6 +335,7 @@ GEM
rack
rack-cache (1.2)
rack (>= 0.4)
rack-cors (0.2.9)
rack-mini-profiler (0.1.31)
rack (>= 1.1.3)
rack-mount (0.8.3)
@ -610,6 +611,7 @@ DEPENDENCIES
pry
quiet_assets (~> 1.0.1)
rack-attack
rack-cors
rack-mini-profiler
rails (= 3.2.16)
rails-dev-tweaks

View file

@ -79,5 +79,13 @@ module Gitlab
# config.relative_url_root = "/gitlab"
config.middleware.use Rack::Attack
# Allow access to GitLab API from other domains
config.middleware.use Rack::Cors do
allow do
origins '*'
resource '/api/*', headers: :any, methods: [:get, :post, :options, :put]
end
end
end
end