From ff4964913077530d7a6696b6ffe0d4d51fafdc3d Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Wed, 15 Feb 2017 23:26:17 +0100
Subject: [PATCH] Expose Link headers via CORS

---
 config/application.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/application.rb b/config/application.rb
index d448359574..8da5ade3cf 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -34,7 +34,7 @@ module Mastodon
       allow do
         origins  '*'
 
-        resource '/api/*',       headers: :any, methods: [:post, :put, :delete, :get, :options], credentials: false
+        resource '/api/*',       headers: :any, methods: [:post, :put, :delete, :get, :options], credentials: false, expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id']
         resource '/oauth/token', headers: :any, methods: [:post], credentials: false
       end
     end
-- 
GitLab