Reputation: 51186
Unpredictable Access-Control-Allow-Origin behavior
I have a Rails app with the following action:
def some_action
headers['Access-Control-Allow-Origin'] = 'http://www.example.com'
headers['Access-Control-Request-Method'] = 'GET'
headers['Access-Control-Max-Age'] = '1728000'
n = Model.getNumber
render :json => {:count => n}
end
I have some jQuery on example.com that does a $.getJSON on that action. Strangely, the behavior is completely unpredictable. Running those GET requests every few seconds, about 50% of them fail with the dreaded "Origin http://www.example.com is not allowed by Access-Control-Allow-Origin" message.
I really would have expected it to either work 100% of the time or fail 100% of the time. Why would it behave differently across multiple requests, seconds apart from the same browser?
Edit: I am caching that action... not sure if that makes any difference.
Upvotes: 1
Views: 262
Answers (1)
Reputation: 47893
It sounds like an caching issue to me. If you are using an HTML cache it might be dropping the headers or if you are caching the data in your code make sure the headers get added regardless.
Upvotes: 3
Related Questions
- XHR doesn't work because "Origin is not allowed by Access-Control-Allow-Origin"
- CORS issue: Getting error "No 'Access-Control-Allow-Origin' header is present" when it actually is
- CORS enabled in Apache, but AJAX not working (chrome says origin not allowed)
- Access-Control-Allow-Origin in Chrome doesn't work, but in FF works
- $.GET to localhost in Rails. Temporary solution for 'Access-Control-Allow-Origin'?
- Access-Control-Allow-Origin getJSON Rails
- Yet another CORS issue?
- How to fix Access-Control-Allow-Origin error from a remote site
- Impossible to cross site ajax api calls in a chrome extension?
- Access-Control-Allow-Origin issues