From ee55d20fd57fefc3bd865fb0a172bd64e908af3b Mon Sep 17 00:00:00 2001 From: Claire Date: Wed, 4 Sep 2024 12:46:28 +0200 Subject: [PATCH] Allow `POST /oauth/revoke` through CORS (#31743) --- config/initializers/cors.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb index 37a818bf467..c530693a3f3 100644 --- a/config/initializers/cors.rb +++ b/config/initializers/cors.rb @@ -22,6 +22,7 @@ Rails.application.config.middleware.insert_before 0, Rack::Cors do expose: %w(Link X-RateLimit-Reset X-RateLimit-Limit X-RateLimit-Remaining X-Request-Id), methods: %i(post put delete get patch options) resource '/oauth/token', methods: [:post] + resource '/oauth/revoke', methods: [:post] end end end