CORS setup - "Access-Control-Allow-Origin" with ruby

I am new to coding and am currently learning Devise / Omniauth. I am working on a tutorial to allow a user to connect to Facebook via Omniauth as an example, but get the following error in the console:

XMLHttpRequest cannot load https://www.facebook.com/dialog/oauth?client_id=... No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.

      

        
        
        
      

    

I understand that for security reasons, some browsers do not allow CORS request. I found a lot of related topics in the StackOverflow ( link1 , link2 , link3 , link4 , link5 ), and that the main thing - to allow

Access-Control-Allow-Origin: *

      

        
        
        
      

    

I tried and couldn't get it to work. Since I am using ruby ​​I also found out that there is a gem called ( Rack-Cors ) to allow CORS requests with ruby ​​and the thought to myself "Cool I'm saved" but I couldn't get it to work.

Running option and because I am running Chrome I also tried to open chrome this way

open /Applications/Google\ Chrome.app --args --disable-web-security

      

        
        
        
      

    

It didn't work either. I've tried different things over the past days and can't get the Omniauth Facebook login (PS: I've allowed access to http: // localhost: 3000 / in the Facebook developer settings page of my app)

Please attach a link to my Github repository : repository

What am I doing wrong? Is there some specific CORS setup I'm missing? If anyone can help or know how to make it work with ruby ​​/ chrome it would be greatly helpful. Thank.