scinote-web/config/initializers/cors.rb

# Be sure to restart your server when you modify this file.

# Avoid CORS issues when API is called from the frontend app.
# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests.

# Read more: https://github.com/cyu/rack-cors

if ENV['SCINOTE_PWA_DOMAIN_NAME'].present?
  Rails.application.config.middleware.insert_before 0, Rack::Cors do
    allow do
      origins ENV['SCINOTE_PWA_DOMAIN_NAME']

      resource '/oauth/token',
               headers: :any,
               methods: %i(post)

      resource '/rails/active_storage/*',
               headers: :any,
               methods: %i(get post options head)

      resource '/api/*',
               headers: :any,
               methods: %i(get post put patch delete options head)
    end
  end
end
Upgrade Rails to 6.0 [SCI-3745] 2019-09-12 23:21:48 +08:00			`# Be sure to restart your server when you modify this file.`

			`# Avoid CORS issues when API is called from the frontend app.`
			`# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests.`

			`# Read more: https://github.com/cyu/rack-cors`

Enable CORS for PWA [SCI-4979] 2020-09-04 17:47:45 +08:00			`if ENV['SCINOTE_PWA_DOMAIN_NAME'].present?`
			`Rails.application.config.middleware.insert_before 0, Rack::Cors do`
			`allow do`
			`origins ENV['SCINOTE_PWA_DOMAIN_NAME']`

			`resource '/oauth/token',`
			`headers: :any,`
			`methods: %i(post)`

			`resource '/rails/active_storage/*',`
			`headers: :any,`
			`methods: %i(get post options head)`

			`resource '/api/*',`
			`headers: :any,`
			`methods: %i(get post put patch delete options head)`
			`end`
			`end`
			`end`