From f9788bc12988636b03ffd3d00da10f8d58a13a37 Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Thu, 2 Mar 2017 10:14:22 +0100
Subject: CORS: Whitelist pagination headers

---
 config/application.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'config')

diff --git a/config/application.rb b/config/application.rb
index 9088d3c432b..45f3b20d214 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -120,7 +120,7 @@ module Gitlab
           credentials: true,
           headers: :any,
           methods: :any,
-          expose: ['Link']
+          expose: ['Link', 'X-Total', 'X-Total-Pages', 'X-Per-Page', 'X-Page', 'X-Next-Page', 'X-Prev-Page']
       end
 
       # Cross-origin requests must not have the session cookie available
@@ -130,7 +130,7 @@ module Gitlab
           credentials: false,
           headers: :any,
           methods: :any,
-          expose: ['Link']
+          expose: ['Link', 'X-Total', 'X-Total-Pages', 'X-Per-Page', 'X-Page', 'X-Next-Page', 'X-Prev-Page']
       end
     end
 
-- 
cgit v1.2.3