[openstreetmap-website] Allow cross-origin request to API (#138)
notifications at github.com
Mon Oct 22 15:33:20 GMT 2012
> @@ -72,6 +72,14 @@ class Application < Rails::Application
> # Version of your assets, change this if you want to expire all your assets
> config.assets.version = '1.0'
> + # Allow cross-origin API requests
Ajax frameworks tend to add a few custom headers like `X-Requested-By` automatically. Prototype [reportedly](http://www.tsheffler.com/blog/?p=428) also adds `X-Prototype-Version`. Since we don't have any restrictions on request headers coming from non-browsers, I think it makes sense to have the same permissiveness for browser requests.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the rails-dev