I'm fairly new to coding and am learning about Devise/Omniauth at the moment. I'm working on a tutorial to get a user to connect with Facebook through Omniauth as an example but get the following error in the console:
XMLHttpRequest cannot load https://www.facebook.com/dialog/oauth?client_id=... No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.
I understand that for security reasons, some browsers are not allowing CORS request. I did find many related topics on StackOverflow (link1, link2, link3,link4,link5) and that the main thing is to allow
Access-Control-Allow-Origin: *
I tried it and couldn't get it to work. Because I'm using ruby, I also found out that there is a gem called (Rack-Cors) to allow CORS requests with ruby and thought to myself "Cool, I'm saved" but I couldn't get it to work either.
Running out of option and because I'm running Chrome, I also tried to open chrome that way
open /Applications/Google\ Chrome.app --args --disable-web-security
It didn't work either. I tried different things for the past days and cannot get the Omniauth Facebook login to work (PS: I have allowed access to http://localhost:3000/ in the Facebook developers settings page of my app)
Please find enclosed the link to my repository on Github: repository
What a I doing wrong? Are there some specific way to set-up CORS that I'm missing? If anyone could help or know how to make it work with ruby/chrome, it would be greatly appreciated. Thanks.
