feat: CORS support (#813)

* feat: Add CORS support for Flutter mobile client Add rack-cors gem and configure CORS for API and OAuth endpoints to enable cross-origin requests from mobile clients and other external applications. https://claude.ai/code/session_01RJ6MKLkjBv7x5AQLEUn8AF * feat: Add /sessions/* to CORS for webview authentication Enable CORS for session endpoints to support webview-based authentication flows in the Flutter mobile client. https://claude.ai/code/session_01RJ6MKLkjBv7x5AQLEUn8AF * test: Add integration tests for CORS configuration Test that CORS middleware is configured and returns proper headers for API, OAuth, and session endpoints including preflight requests. https://claude.ai/code/session_01RJ6MKLkjBv7x5AQLEUn8AF * Gemfile.lock --------- Co-authored-by: Claude <noreply@anthropic.com>
2026-04-25 17:15:07 +02:00 · 2026-01-28 17:25:02 +01:00
parent f6c38344cd
commit ef4f5f7b8b
4 changed files with 113 additions and 0 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -477,6 +477,9 @@ GEM
    rack (3.1.18)
    rack-attack (6.7.0)
      rack (>= 1.0, < 4)
+    rack-cors (3.0.0)
+      logger
+      rack (>= 3.0.14)
    rack-mini-profiler (4.0.0)
      rack (>= 1.2.0)
    rack-oauth2 (2.2.1)
@@ -822,6 +825,7 @@ DEPENDENCIES
  puma (>= 5.0)
  pundit
  rack-attack (~> 6.6)
+  rack-cors
  rack-mini-profiler
  rails (~> 7.2.2)
  rails-settings-cached