mastodon/config/application.rb

57 lines
2.1 KiB
Ruby
Raw Normal View History

2016-08-17 08:56:23 -07:00
require_relative 'boot'
2016-02-20 13:53:20 -08:00
require 'rails/all'
# Require the gems listed in Gemfile, including any gems
# you've limited to :test, :development, or :production.
Bundler.require(*Rails.groups)
2016-02-22 09:10:30 -08:00
Dotenv::Railtie.load
2016-02-20 13:53:20 -08:00
module Mastodon
class Application < Rails::Application
# Settings in config/environments/* take precedence over those specified here.
# Application configuration should go into files in config/initializers
# -- all .rb files in that directory are automatically loaded.
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
# Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
# config.time_zone = 'Central Time (US & Canada)'
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
# config.i18n.default_locale = :de
# config.paths.add File.join('app', 'api'), glob: File.join('**', '*.rb')
# config.autoload_paths += Dir[Rails.root.join('app', 'api', '*')]
config.active_job.queue_adapter = :sidekiq
config.middleware.insert_before 0, Rack::Cors do
allow do
origins '*'
resource '/api/*', :headers => :any, :methods => [:post, :put, :delete, :get, :options], credentials: false
resource '/oauth/token', :headers => :any, :methods => [:post], credentials: false
end
end
config.middleware.use Rack::Attack
config.middleware.use Rack::Deflater
2016-10-17 15:36:01 -07:00
config.browserify_rails.source_map_environments += %w[development production]
config.browserify_rails.commandline_options = "--transform [ babelify --presets [ es2015 react ] ] --extension=\".jsx\""
2016-10-02 14:46:25 -07:00
config.to_prepare do
Doorkeeper::AuthorizationsController.layout 'auth'
end
config.action_dispatch.default_headers = {
'Server' => 'Mastodon',
'X-Frame-Options' => 'DENY',
2016-11-02 05:12:18 -07:00
'X-Content-Type-Options' => 'nosniff',
'X-XSS-Protection' => '1; mode=block'
}
2016-02-20 13:53:20 -08:00
end
end