3 files changed, 18 insertions(+), 34 deletions(-)

M .rubocop_todo.yml
M config/initializers/cors.rb
M config/initializers/session_store.rb

@@ 14,14 14,6 @@ Bundler/OrderedGems:
     - 'Gemfile'
 
 # This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle, IndentationWidth.
-# SupportedStyles: with_first_argument, with_fixed_indentation
-Layout/ArgumentAlignment:
-  Exclude:
-    - 'config/initializers/cors.rb'
-    - 'config/initializers/session_store.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle.
 # SupportedHashRocketStyles: key, separator, table
 # SupportedColonStyles: key, separator, table


@@ 841,6 833,5 @@ Style/TrailingCommaInHashLiteral:
 Style/WordArray:
   Exclude:
     - 'app/helpers/languages_helper.rb'
-    - 'config/initializers/cors.rb'
     - 'spec/controllers/settings/imports_controller_spec.rb'
     - 'spec/models/form/import_spec.rb'

@@ 11,26 11,16 @@ Rails.application.config.middleware.insert_before 0, Rack::Cors do
   allow do
     origins '*'
 
-    resource '/.well-known/*',
-      headers: :any,
-      methods: [:get],
-      credentials: false
-    resource '/@:username',
-      headers: :any,
-      methods: [:get],
-      credentials: false
-    resource '/users/:username',
-      headers: :any,
-      methods: [:get],
-      credentials: false
-    resource '/api/*',
-      headers: :any,
-      methods: [:post, :put, :delete, :get, :patch, :options],
-      credentials: false,
-      expose: ['Link', 'X-RateLimit-Reset', 'X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-Request-Id']
-    resource '/oauth/token',
-      headers: :any,
-      methods: [:post],
-      credentials: false
+    with_options headers: :any, credentials: false do
+      with_options methods: [:get] do
+        resource '/.well-known/*'
+        resource '/@:username'
+        resource '/users/:username'
+      end
+      resource '/api/*',
+               expose: %w(Link X-RateLimit-Reset X-RateLimit-Limit X-RateLimit-Remaining X-Request-Id),
+               methods: %i(post put delete get patch options)
+      resource '/oauth/token', methods: [:post]
+    end
   end
 end

@@ 2,7 2,10 @@
 
 # Be sure to restart your server when you modify this file.
 
-Rails.application.config.session_store :cookie_store,
-  key: '_mastodon_session',
-  secure: false, # All cookies have their secure flag set by the force_ssl option in production
-  same_site: :lax
+Rails
+  .application
+  .config
+  .session_store :cookie_store,
+                 key: '_mastodon_session',
+                 secure: false, # All cookies have their secure flag set by the force_ssl option in production
+                 same_site: :lax