Drop custom CORS rack module

[rails.git] / config / initializers / cors.rb

diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
index 710e2c00950e9e6c568bec3e57238d775462b8aa..75fe503e37612520ce39b21ddada18f315ff59ec 100644 (file)
--- a/config/initializers/cors.rb
+++ b/config/initializers/cors.rb
@@ -1,24 +1,11 @@
 # Be sure to restart your server when you modify this file.
 
-# Mark CORS responses as uncacheable as we don't want a browser to
-# try and reuse a response that had a different origin, even with
-# revalidation, as the origin check will fail.
-module OpenStreetMap
-  class Cors < Rack::Cors
-    def call(env)
-      status, headers, body = super
-      headers["Cache-Control"] = "no-cache" if headers["Access-Control-Allow-Origin"]
-      [status, headers, body]
-    end
-  end
-end
-
 # Allow any and all cross-origin requests to the API. Allow any origin, and
 # any headers. Non-browser requests do not have origin or header restrictions,
 # so browser-requests should be similarly permitted. (Though the API does not
 # require any custom headers, Ajax frameworks may automatically add headers
 # such as X-Requested-By to requests.)
-Rails.application.config.middleware.insert_before 0, OpenStreetMap::Cors do
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
   allow do
     origins "*"
     resource "/oauth/*", :headers => :any, :methods => [:get, :post]