Stack Overflow
Stack Overflow

Questions tagged [rack-cors]

40 questions
11
votes
2 answers

Rails 5.1 CORS - how to set different origins for different environments

I am using the rack-cors gem with a Rail 5.1 API. I have the following initializer as per the documentation: config/initializers/cors.rb module Api Rails.application.config.middleware.insert_before 0, Rack::Cors do allow do origins…
rmcsharry
  • 4,357
  • 4
  • 50
  • 87
8
votes
2 answers

ruby on rails - rack-cors multiple origins with different resources

I'm implementing CORS in my rails application using rack-cors gem for it, but I'm not sure how can i define different resources for different origins. I need something like that: config.middleware.insert_before 0, Rack::Cors do allow do …
yl2015
  • 311
  • 1
  • 3
  • 17
8
votes
0 answers

Invalid request parameters: invalid %-encoding when upload file to Rails api only server

I am working on web app that use Reactjs as a front-end and Rails5 api only app as a back-end This is the data that i send to the server as Request payload ------WebKitFormBoundaryCD1o71UpVNpU4v86 Content-Disposition: form-data;…
Varis Darasirikul
  • 2,591
  • 6
  • 25
  • 58
5
votes
1 answer

How to enable CORS for only selected route rails

I am on Rails5 and I want to allow CORS on one of my route. Here is how I can allow CORS for all my route, but is there a way to only whitelist for one endpoint? config.middleware.insert_before 0, Rack::Cors do allow do origins…
aks
  • 6,072
  • 4
  • 43
  • 68
3
votes
1 answer

ActionDispatch::Cookies not setting Set-Cookie header in response but response.set_cookie does

I have a Rails 5 API only app and want to send cookies in the response of a JSON request. When I use ActionDispatch::Cookies to set a cookie in the response of the request it doesn't set Set-Cookie header in the response. Although…
Raounak Sharma
  • 155
  • 1
  • 2
  • 12
3
votes
1 answer

Ruby on Rails Rack Cors Middleware Blacklisting

I'm working on a legacy project in Rails 4 where the rack-cors gem is used for allowing CORS. I know that there is an option to whitelist a domain. use Rack::Cors do allow do origins 'localhost:3000', '127.0.0.1:3000', …
govind_unnikrishnan
  • 98
  • 8
3
votes
0 answers

Not able to get rack-cors Gem to work for Rails6

I've created a widget show view in my Rails 6 application that I would like to be accessible for third party websites by using an iFrame. For managing the CORS I'm using the rack-cors Gem. But I'm not able to get it to work. Here's my setup: The…
Sebastian Plasschaert
  • 184
  • 3
  • 13
3
votes
0 answers

Cross Origin post to Rails site

I'm using the rack-cors gem with Rails: https://github.com/cyu/rack-cors I need to whitelist ONE domain so that it will allow that domain through. I would think that this would allow traffic from the whitelisted domain . I am making a POST…
Nmuta
  • 245
  • 4
  • 14
3
votes
1 answer

Can't access params sent in POST request from React client to Rails api

I have a React Login component running on localhost:3000. It returns a form which, on submit, uses JS fetch() to post its information to SessionsController in a rails api which runs on localhost:3001. I've alternated between using a FormData object…
David Kennell
  • 1,028
  • 1
  • 11
  • 19
3
votes
1 answer

Why isn't my CORS configuration causing the server to filter incoming requests? How can I make the server only accept requests from a specific origin?

I'd like my Rails 5 API-only app, for now running on http://localhost:3000, to only accept requests from my NodeJS front-end app, for now running on http://localhost:8888. So I configured /config/initializers/cors.rb like…
steven_noble
  • 3,817
  • 9
  • 39
  • 74
2
votes
1 answer

Rails 6, React, Rack-Cors

I have a react app running on localhost:3001 and a rails 6 api backend on localhost:3000 I keep getting cors errors when I post from react to rails. The rails app has Rack Cors. I've tried adding this to cors.rb in the initializers…
Peter McKinney
  • 292
  • 2
  • 12
2
votes
2 answers

Rails 5.2 CORS blocked

thanks in advance for anyone who can help me with this !! I'm running a Rails 5.2 application with React and Webpacker, and I want to display a Gravatar icon for my users when they're logged in, but I keep getting blocked by the browser CORB. I've…
GLaDOS
  • 629
  • 1
  • 12
  • 29
2
votes
1 answer

Rails ActionController ignores request headers

I have a simple controller method that logs headers via ActionController's #headers method: class ThingsController < ActionController::Base def show Rails.logger.info headers render json: {response: 'success'} end end However, when I…
tassock
  • 1,565
  • 1
  • 14
  • 30
2
votes
0 answers

Fetch API cannot load, Redirect failed. only on Google chrome?

My site is using reactjs as a front end and using Ruby on Rails 5 api only app as a back end (store on the different host) So my front end is running on https://xxxx.com and sent the request to https://api.xxxx.com to get the data from the…
Varis Darasirikul
  • 2,591
  • 6
  • 25
  • 58
1
vote
1 answer

Rails - Allow localhost in CORS settings only in development

I'm configuring CORS settings for my rails server - I want to be able to test my backend when I run it locally, using a frontend on localhost. But, to my understanding, CORS is an important security mechanism against CSRF(?), so when the app goes to…
Sventies
  • 1,204
  • 1
  • 14
  • 30
1
2 3