Add latest changes from gitlab-org/gitlab@master

1 files changed, 4 insertions, 2 deletions

diff --git a/config/application.rb b/config/application.rb
index f9cc1cb543a..3ebd4a3bc36 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -229,13 +229,15 @@ module Gitlab
 
     # Allow access to GitLab API from other domains
     config.middleware.insert_before Warden::Manager, Rack::Cors do
+      headers_to_expose = %w[Link X-Total X-Total-Pages X-Per-Page X-Page X-Next-Page X-Prev-Page X-Gitlab-Blob-Id X-Gitlab-Commit-Id X-Gitlab-Content-Sha256 X-Gitlab-Encoding X-Gitlab-File-Name X-Gitlab-File-Path X-Gitlab-Last-Commit-Id X-Gitlab-Ref X-Gitlab-Size]
+
       allow do
         origins Gitlab.config.gitlab.url
         resource '/api/*',
           credentials: true,
           headers: :any,
           methods: :any,
-          expose: %w[Link X-Total X-Total-Pages X-Per-Page X-Page X-Next-Page X-Prev-Page]
+          expose: headers_to_expose
       end
 
       # Cross-origin requests must not have the session cookie available
@@ -245,7 +247,7 @@ module Gitlab
           credentials: false,
           headers: :any,
           methods: :any,
-          expose: %w[Link X-Total X-Total-Pages X-Per-Page X-Page X-Next-Page X-Prev-Page]
+          expose: headers_to_expose
       end
     end