[openstreetmap-website] Allow cross-origin request to API (#138)
John Firebaugh
notifications at github.com
Mon Oct 22 15:33:20 GMT 2012
> @@ -72,6 +72,14 @@ class Application < Rails::Application
> # Version of your assets, change this if you want to expire all your assets
> config.assets.version = '1.0'
>
> + # Allow cross-origin API requests
Ajax frameworks tend to add a few custom headers like `X-Requested-By` automatically. Prototype [reportedly](http://www.tsheffler.com/blog/?p=428) also adds `X-Prototype-Version`. Since we don't have any restrictions on request headers coming from non-browsers, I think it makes sense to have the same permissiveness for browser requests.
---
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/138/files#r1904999
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20121022/0c8c7ac5/attachment.html>
More information about the rails-dev
mailing list