commit: e1c40b8ca288fe689cd78a96b34276089df3babe
parent: a68c18f0ad6befe432e961bd348744b305492524
Author: kaniini <nenolod@gmail.com>
Date: Tue, 6 Nov 2018 21:24:16 +0000
Merge branch 'patch-2' into 'develop'
Remove Access-Control-Allow-Origin in pleroma.nginx
See merge request pleroma/pleroma!424
Diffstat:
1 file changed, 0 insertions(+), 1 deletion(-)
diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx
@@ -62,7 +62,6 @@ server {
location / {
# if you do not want remote frontends to be able to access your Pleroma backend
# server, remove these lines.
- add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'POST, PUT, DELETE, GET, PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Idempotency-Key' always;
add_header 'Access-Control-Expose-Headers' 'Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id' always;