CODEWITHSUNDEEP
ruby-on-rails
user3814030
user3814030

Reputation: 1283

enable cors on a rails application

On my application_controller.rb I have the following code

class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_filter :init_headers

def init_headers
    headers['Access-Control-Allow-Origin'] = '*'
    headers['Access-Control-Allow-Methods'] = 'POST, PUT, DELETE, GET, OPTIONS'
    headers['Access-Control-Request-Method'] = '*'
    headers['Access-Control-Allow-Headers'] = 'Origin, X-Requested-With, Content-Type, Accept, Authorization'
end
end

I am also using the a chrome plugin Allow-Control-Allow-Origin when I am running the angularjs front end I am getting the following error. XMLHttpRequest cannot load Response for preflight has invalid HTTP status code 404

Upvotes: 3

Views: 526

Answers (1)

Richard Peck
Richard Peck

Reputation: 76774

Firstly, I'd highly recommend using the Rack-CORS gem.

Instead of messing around with your ApplicationController, you'll be able to run rules from your config settings.

It handles CORS from the middleware, so you'll be able to create app-wide rules as follows:

#config/application.rb
...
config.middleware.insert_before 0, "Rack::Cors" do
   allow do
      origins '*'
      resource '*', :headers => :any, :methods => [:get, :post, :options]
   end
end
...

Their documentation is very good and self explanatory.

--

In regards your error, the 404 code suggests that you're trying to access a resource which simply doesn't exist. Either the URL or the routes won't be picking up the request.

Upvotes: 3

Related Questions