21 lines
678 B
Ruby
21 lines
678 B
Ruby
|
class ApplicationController < ActionController::Base
|
||
|
|
# Prevent CSRF attacks by raising an exception.
|
||
|
|
# For APIs, you may want to use :null_session instead.
|
||
|
|
protect_from_forgery with: :exception
|
||
|
|
|
||
|
|
#before_filter :set_default_response_format
|
||
|
|
#
|
||
|
|
#private
|
||
|
|
#def set_default_response_format
|
||
|
|
# request.format = :json
|
||
|
|
#end
|
||
|
|
|
||
|
|
before_filter :allow_cors
|
||
|
|
def allow_cors
|
||
|
|
headers['Access-Control-Allow-Origin'] = '*'
|
||
|
|
headers['Access-Control-Allow-Methods'] = 'POST, PUT, DELETE, GET, OPTIONS'
|
||
|
|
headers['Access-Control-Request-Method'] = '*'
|
||
|
|
headers['Access-Control-Allow-Headers'] = 'Origin, X-Requested-With, Content-Type, Accept, Authorization'
|
||
|
|
end
|
||
|
|
end
|