thanks in advance for anyone who can help me with this !!
I'm running a Rails 5.2 application with React and Webpacker, and I want to display a Gravatar icon for my users when they're logged in, but I keep getting blocked by the browser CORB.
I've been going over all the Rack CORS documentation and the Stack Overflow entries about setting up rails with CORS, but I still cannot seem to get it to work. I don't see the allowed-origins
in my headers, and the requests to Gravatar.com continue to be blocked.
I've set up my config/credentials.yml.enc
with my hostnames, as noted in https://stackoverflow.com/a/56772510/759615:
development:
allowed_origins:
- http://localhost:3000
- http://127.0.0.1:3000
production:
allowed_origins:
- http://productionurl1.com
- http://productionurl2.com
application.rb
:
class Application < Rails::Application
config.load_defaults 5.2
config.middleware.insert_before 0, Rack::Cors do
allow do
origins Rails.application.credentials[Rails.env.to_sym][:allowed_origins]
resource '*',
headers: :origin,
methods: [:get, :post, :options, :put]
end
end
end
I've also tried a completely open configuration for CORS in application.rb
just to test the concept:
...
allow do
origins '*'
...
and for the local environment I've set the headers for dev_server in config/webpacker.yml
'Access-Control-Allow-Origin': 'http://localhost:3000/'
(wherein I've also tried the Webpacker hostname, 127.0.0.1
, to no avail)
There are a lot of variables and I've probably missed something or more likely misunderstood the meaning in the documentation, but I'm really hoping someone out there has the CORS answer I'm looking for!!