Questions tagged [rack-cors]
40 questions
11
votes
2 answers
Rails 5.1 CORS - how to set different origins for different environments
I am using the rack-cors gem with a Rail 5.1 API.
I have the following initializer as per the documentation:
config/initializers/cors.rb
module Api
Rails.application.config.middleware.insert_before 0, Rack::Cors do
allow do
origins…
rmcsharry
- 4,357
- 4
- 50
- 87
8
votes
2 answers
ruby on rails - rack-cors multiple origins with different resources
I'm implementing CORS in my rails application using rack-cors gem for it, but I'm not sure how can i define different resources for different origins.
I need something like that:
config.middleware.insert_before 0, Rack::Cors do
allow do
…
yl2015
- 311
- 1
- 3
- 17
8
votes
0 answers
Invalid request parameters: invalid %-encoding when upload file to Rails api only server
I am working on web app that use Reactjs as a front-end and Rails5 api only app as a back-end
This is the data that i send to the server as Request payload
------WebKitFormBoundaryCD1o71UpVNpU4v86
Content-Disposition: form-data;…
Varis Darasirikul
- 2,591
- 6
- 25
- 58
5
votes
1 answer
How to enable CORS for only selected route rails
I am on Rails5 and I want to allow CORS on one of my route. Here is how I can allow CORS for all my route, but is there a way to only whitelist for one endpoint?
config.middleware.insert_before 0, Rack::Cors do
allow do
origins…
aks
- 6,072
- 4
- 43
- 68
3
votes
1 answer
ActionDispatch::Cookies not setting Set-Cookie header in response but response.set_cookie does
I have a Rails 5 API only app and want to send cookies in the response of a JSON request. When I use ActionDispatch::Cookies to set a cookie in the response of the request it doesn't set Set-Cookie header in the response. Although…
Raounak Sharma
- 155
- 1
- 2
- 12
3
votes
1 answer
Ruby on Rails Rack Cors Middleware Blacklisting
I'm working on a legacy project in Rails 4 where the rack-cors gem is used for allowing CORS. I know that there is an option to whitelist a domain.
use Rack::Cors do
allow do
origins 'localhost:3000', '127.0.0.1:3000',
…
govind_unnikrishnan
- 98
- 8
3
votes
0 answers
Not able to get rack-cors Gem to work for Rails6
I've created a widget show view in my Rails 6 application that I would like to be accessible for third party websites by using an iFrame. For managing the CORS I'm using the rack-cors Gem. But I'm not able to get it to work. Here's my setup:
The…
Sebastian Plasschaert
- 184
- 3
- 13
3
votes
0 answers
Cross Origin post to Rails site
I'm using the rack-cors gem with Rails:
https://github.com/cyu/rack-cors
I need to whitelist ONE domain so that it will allow that domain through.
I would think that this would allow traffic from the whitelisted domain . I am making a POST…
Nmuta
- 245
- 4
- 14
3
votes
1 answer
Can't access params sent in POST request from React client to Rails api
I have a React Login component running on localhost:3000. It returns a form which, on submit, uses JS fetch() to post its information to SessionsController in a rails api which runs on localhost:3001. I've alternated between using a FormData object…
David Kennell
- 1,028
- 1
- 11
- 19
3
votes
1 answer
Why isn't my CORS configuration causing the server to filter incoming requests? How can I make the server only accept requests from a specific origin?
I'd like my Rails 5 API-only app, for now running on http://localhost:3000, to only accept requests from my NodeJS front-end app, for now running on http://localhost:8888.
So I configured /config/initializers/cors.rb like…
steven_noble
- 3,817
- 9
- 39
- 74
2
votes
1 answer
Rails 6, React, Rack-Cors
I have a react app running on localhost:3001 and a rails 6 api backend on localhost:3000
I keep getting cors errors when I post from react to rails. The rails app has Rack Cors.
I've tried adding this to cors.rb in the initializers…
Peter McKinney
- 292
- 2
- 12
2
votes
2 answers
Rails 5.2 CORS blocked
thanks in advance for anyone who can help me with this
!!
I'm running a Rails 5.2 application with React and Webpacker, and I want to display a Gravatar icon for my users when they're logged in, but I keep getting blocked by the browser CORB.
I've…
GLaDOS
- 629
- 1
- 12
- 29
2
votes
1 answer
Rails ActionController ignores request headers
I have a simple controller method that logs headers via ActionController's #headers method:
class ThingsController < ActionController::Base
def show
Rails.logger.info headers
render json: {response: 'success'}
end
end
However, when I…
tassock
- 1,565
- 1
- 14
- 30
2
votes
0 answers
Fetch API cannot load, Redirect failed. only on Google chrome?
My site is using reactjs as a front end and using Ruby on Rails 5 api only app as a back end (store on the different host)
So my front end is running on https://xxxx.com and sent the request to https://api.xxxx.com to get the data from the…
Varis Darasirikul
- 2,591
- 6
- 25
- 58
1
vote
1 answer
Rails - Allow localhost in CORS settings only in development
I'm configuring CORS settings for my rails server - I want to be able to test my backend when I run it locally, using a frontend on localhost.
But, to my understanding, CORS is an important security mechanism against CSRF(?), so when the app goes to…
Sventies
- 1,204
- 1
- 14
- 30