diff options
author | Robert Schilling <rschilling@student.tugraz.at> | 2017-03-02 10:14:22 +0100 |
---|---|---|
committer | Robert Schilling <rschilling@student.tugraz.at> | 2017-03-02 10:14:22 +0100 |
commit | f9788bc12988636b03ffd3d00da10f8d58a13a37 (patch) | |
tree | 156e0bfda3536cfac7378c6123b72f24a6aa436d | |
parent | d4154195329b0a823848df8ceae144aebd6ccf6b (diff) | |
download | gitlab-ce-expose-pagination-headers.tar.gz |
CORS: Whitelist pagination headersexpose-pagination-headers
-rw-r--r-- | changelogs/unreleased/expose-pagination-headers.yml | 4 | ||||
-rw-r--r-- | config/application.rb | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/changelogs/unreleased/expose-pagination-headers.yml b/changelogs/unreleased/expose-pagination-headers.yml new file mode 100644 index 00000000000..1b4cd43fa06 --- /dev/null +++ b/changelogs/unreleased/expose-pagination-headers.yml @@ -0,0 +1,4 @@ +--- +title: 'CORS: Whitelist pagination headers' +merge_request: 9651 +author: Robert Schilling diff --git a/config/application.rb b/config/application.rb index 9088d3c432b..45f3b20d214 100644 --- a/config/application.rb +++ b/config/application.rb @@ -120,7 +120,7 @@ module Gitlab credentials: true, headers: :any, methods: :any, - expose: ['Link'] + expose: ['Link', 'X-Total', 'X-Total-Pages', 'X-Per-Page', 'X-Page', 'X-Next-Page', 'X-Prev-Page'] end # Cross-origin requests must not have the session cookie available @@ -130,7 +130,7 @@ module Gitlab credentials: false, headers: :any, methods: :any, - expose: ['Link'] + expose: ['Link', 'X-Total', 'X-Total-Pages', 'X-Per-Page', 'X-Page', 'X-Next-Page', 'X-Prev-Page'] end end |