Prostakov Prostakov - 2 months ago 13
Ruby Question

Can't get rack-cors working in rails application

I wanted to implement CORS in my rails application, so I googled rack-cors gem for it. And I did everything as was said in README, that is updated Gemfile accordingly and updated

application.rb
like this:


module YourApp
class Application < Rails::Application

# ...

config.middleware.use Rack::Cors do
allow do
origins '*'
resource '*', :headers => :any, :methods => [:get, :post, :options]
end
end

end
end


But it didn't work. No matter what I did, in the browser console I kept getting message:

XMLHttpRequest cannot load https://somewebsite.com. Origin http://0.0.0.0:3000 is not allowed by Access-Control-Allow-Origin.



After reading this blogpost and issue on github, I realized that maybe position of rack-cors middleware in the middleware stack matters. So I did as was told in the github issue:

module YourApp
class Application < Rails::Application

# ...

config.middleware.insert 0, Rack::Cors do
allow do
origins '*'
resource '*', :headers => :any, :methods => [:get, :post, :options]
end
end

end
end


After that, when I run
rake middleware
rack-cors is really at the top of the stack.

But It still just simply won't work. I keep getting the same error. Anyone, please help.

Answer

I ran into the same problem with heroku. I found this blog with the same rack-cors issue.

Just moved the use Rack::Cors to config.ru, redeployed to heroku and it works.

require ::File.expand_path('../config/environment',  __FILE__)
run Rails.application

require 'rack/cors'
use Rack::Cors do

  # allow all origins in development
  allow do
    origins '*'
    resource '*', 
        :headers => :any, 
        :methods => [:get, :post, :delete, :put, :options]
  end
end
Comments