Changelog
*Sourced from [rack-cors's changelog](https://github.com/cyu/rack-cors/blob/master/CHANGELOG.md).*
> ## 1.0.3 - 2019-03-24
> ### Changed
> - Don't send 'Content-Type' header with pre-flight requests
> - Allow ruby array for vary header config
>
> ## 1.0.2 - 2017-10-22
> ### Fixed
> - Automatically allow simple headers when headers are set
>
> ## 1.0.1 - 2017-07-18
> ### Fixed
> - Allow lambda origin configuration
>
> ## 1.0.0 - 2017-07-15
> ### Security
> - Don't implicitly accept 'null' origins when 'file://' is specified
> (https://github-redirect.dependabot.com/cyu/rack-cors/pull/134)
> - Ignore '' origins (https://github-redirect.dependabot.com/cyu/rack-cors/issues/139)
> - Default credentials option on resources to false
> (https://github-redirect.dependabot.com/cyu/rack-cors/issues/95)
> - Don't allow credentials option to be true if '*' is specified is origin
> (https://github-redirect.dependabot.com/cyu/rack-cors/pull/142)
> - Don't reflect Origin header when '*' is specified as origin
> (https://github-redirect.dependabot.com/cyu/rack-cors/pull/142)
>
> ### Fixed
> - Don't respond immediately on non-matching preflight requests instead of
> sending them through the app (https://github-redirect.dependabot.com/cyu/rack-cors/pull/106)
>
> ## 0.4.1 - 2017-02-01
> ### Fixed
> - Return miss result in X-Rack-CORS instead of incorrectly returning
> preflight-hit
>
> ## 0.4.0 - 2015-04-15
> ### Changed
> - Don't set HTTP_ORIGIN with HTTP_X_ORIGIN if nil
>
> ### Added
> - Calculate vary headers for non-CORS resources
> - Support custom vary headers for resource
> - Support :if option for resource
> - Support :any as a possible value for :methods option
>
> ### Fixed
> - Don't symbolize incoming HTTP request methods
>
> ## 0.3.1 - 2014-12-27
> ### Changed
> - Changed the env key to rack.cors to avoid Rack::Lint warnings
> ... (truncated)
Commits
- [`f77f89f`](https://github.com/cyu/rack-cors/commit/f77f89f560e948c5e556bc26b254028b5be45562) Version 1.0.3
- [`ddcf819`](https://github.com/cyu/rack-cors/commit/ddcf81970afbf6cedea74d6362cc509d8c102eaf) Clean up gemspec
- [`5fed623`](https://github.com/cyu/rack-cors/commit/5fed623f0c1d2f8c61c8c3804c13adc599c57aac) Update rack gem
- [`1137201`](https://github.com/cyu/rack-cors/commit/1137201a2f2721b82ed1c40aa9ecc5fc74dbc9bd) Update Rails4 example
- [`c62c484`](https://github.com/cyu/rack-cors/commit/c62c484b3d7c9ec9df4fea20438b14d657e45cc4) Remove unnecessary :require option from Gemfile example
- [`30f63a7`](https://github.com/cyu/rack-cors/commit/30f63a7feac47e2b3567784eb0b1f9c3ab67e673) Add an :if example to the README (based on https://github.com/cyu/rack-cors/i...
- [`963196c`](https://github.com/cyu/rack-cors/commit/963196c3ee1ee3ed9057445d9d254dc1e617f2a9) Remove CONTENT_TYPE constant
- [`7c97ded`](https://github.com/cyu/rack-cors/commit/7c97dedce37a65d44cb579a732e6ef275d3c6076) remove content-type header from preflight response
- [`359a16c`](https://github.com/cyu/rack-cors/commit/359a16c7042e7c9a3b1bba540bb431d180a94b84) Update rails4 example to 4.2.10
- [`9e40a60`](https://github.com/cyu/rack-cors/commit/9e40a6080ba28d351528566195ed7bc47cd542a3) Updated deps to fix more vulnerabilities
- Additional commits viewable in [compare view](https://github.com/cyu/rack-cors/compare/v0.2.9...v1.0.3)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/holderdeord/hdo-site/network/alerts).
Bumps rack-cors from 0.2.9 to 1.0.3.
Changelog
*Sourced from [rack-cors's changelog](https://github.com/cyu/rack-cors/blob/master/CHANGELOG.md).* > ## 1.0.3 - 2019-03-24 > ### Changed > - Don't send 'Content-Type' header with pre-flight requests > - Allow ruby array for vary header config > > ## 1.0.2 - 2017-10-22 > ### Fixed > - Automatically allow simple headers when headers are set > > ## 1.0.1 - 2017-07-18 > ### Fixed > - Allow lambda origin configuration > > ## 1.0.0 - 2017-07-15 > ### Security > - Don't implicitly accept 'null' origins when 'file://' is specified > (https://github-redirect.dependabot.com/cyu/rack-cors/pull/134) > - Ignore '' origins (https://github-redirect.dependabot.com/cyu/rack-cors/issues/139) > - Default credentials option on resources to false > (https://github-redirect.dependabot.com/cyu/rack-cors/issues/95) > - Don't allow credentials option to be true if '*' is specified is origin > (https://github-redirect.dependabot.com/cyu/rack-cors/pull/142) > - Don't reflect Origin header when '*' is specified as origin > (https://github-redirect.dependabot.com/cyu/rack-cors/pull/142) > > ### Fixed > - Don't respond immediately on non-matching preflight requests instead of > sending them through the app (https://github-redirect.dependabot.com/cyu/rack-cors/pull/106) > > ## 0.4.1 - 2017-02-01 > ### Fixed > - Return miss result in X-Rack-CORS instead of incorrectly returning > preflight-hit > > ## 0.4.0 - 2015-04-15 > ### Changed > - Don't set HTTP_ORIGIN with HTTP_X_ORIGIN if nil > > ### Added > - Calculate vary headers for non-CORS resources > - Support custom vary headers for resource > - Support :if option for resource > - Support :any as a possible value for :methods option > > ### Fixed > - Don't symbolize incoming HTTP request methods > > ## 0.3.1 - 2014-12-27 > ### Changed > - Changed the env key to rack.cors to avoid Rack::Lint warnings > ... (truncated)Commits
- [`f77f89f`](https://github.com/cyu/rack-cors/commit/f77f89f560e948c5e556bc26b254028b5be45562) Version 1.0.3 - [`ddcf819`](https://github.com/cyu/rack-cors/commit/ddcf81970afbf6cedea74d6362cc509d8c102eaf) Clean up gemspec - [`5fed623`](https://github.com/cyu/rack-cors/commit/5fed623f0c1d2f8c61c8c3804c13adc599c57aac) Update rack gem - [`1137201`](https://github.com/cyu/rack-cors/commit/1137201a2f2721b82ed1c40aa9ecc5fc74dbc9bd) Update Rails4 example - [`c62c484`](https://github.com/cyu/rack-cors/commit/c62c484b3d7c9ec9df4fea20438b14d657e45cc4) Remove unnecessary :require option from Gemfile example - [`30f63a7`](https://github.com/cyu/rack-cors/commit/30f63a7feac47e2b3567784eb0b1f9c3ab67e673) Add an :if example to the README (based on https://github.com/cyu/rack-cors/i... - [`963196c`](https://github.com/cyu/rack-cors/commit/963196c3ee1ee3ed9057445d9d254dc1e617f2a9) Remove CONTENT_TYPE constant - [`7c97ded`](https://github.com/cyu/rack-cors/commit/7c97dedce37a65d44cb579a732e6ef275d3c6076) remove content-type header from preflight response - [`359a16c`](https://github.com/cyu/rack-cors/commit/359a16c7042e7c9a3b1bba540bb431d180a94b84) Update rails4 example to 4.2.10 - [`9e40a60`](https://github.com/cyu/rack-cors/commit/9e40a6080ba28d351528566195ed7bc47cd542a3) Updated deps to fix more vulnerabilities - Additional commits viewable in [compare view](https://github.com/cyu/rack-cors/compare/v0.2.9...v1.0.3)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/holderdeord/hdo-site/network/alerts).