Rack-Rack and Access-Control-Allow-Origin Header Setting
Is there a way to set the "Access-Control-Allow-Origin" header value when using the rack gem?
We are using https://github.com/cyu/rack-cors hard drive to manage the CORS app for Grape.
I want to send a permanent redirect and redirect them from the current subdomain to another subdomain. Grape code:
redirect 'subdomain2.oursite.com, 'Access-Control-Allow-Origin' => '*',permanent: true
But this will not work, as the racks overwrite the value of the Access-Control-Allow-Origin header with the current url that is being requested, which is causing the CORS preview error.
So you need a way to set the value.
+3
source to share
1 answer
I had a similar problem with my API and came across this question here. There is no active solution yet, I managed to find one that worked for me.
class Api::BaseController < ActionController::API
respond_to :json
before_filter :set_cors_header
after_filter :cors_set_access_control_headers
def cors_set_access_control_headers
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, PUT, DELETE, GET, OPTIONS'
headers['Access-Control-Request-Method'] = '*'
headers['Access-Control-Allow-Headers'] = 'Origin, X-Requested-With, Content-Type, Accept, Authorization'
end
def set_cors_header
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, PUT, DELETE, GET, OPTIONS'
headers['Access-Control-Request-Method'] = '*'
headers['Access-Control-Allow-Headers'] = 'Origin, X-Requested-With, Content-Typee, Accept, Authorization'
end
end
0
source to share