Heroku的Rails的CORS问题 [英] Heroku Rails CORS issue
问题描述
我已经建立了我在Heroku和我试图从我的本地机器上运行一个角客户端主机一轨RESTful服务。最终,该客户端将运行添加到的PhoneGap项目。然而,现在我在测试Chrome和IE应用程序和浏览器不断下面返回错误。
XMLHtt prequest无法加载产地的http://本地主机不被访问控制允许来源允许的。
这是我得到的错误信息。我面临着这个问题推到之前的Heroku通过添加添加访问头到我的答复解决它。
after_filter:cors_set_access_control_headers#对于此控制器的所有响应,返回CORS访问控制头。高清cors_set_access_control_headers
标题['访问控制允许来源'] ='的http:// localhost'的#*
标题[访问控制允许的方法'] ='POST,GET,OPTIONS
标题[访问控制允许报头'] =%W {地接受内容类型的X请求,通过X-CSRF令牌}。加入('')
标题['访问控制,最大年龄'] =1728000
结束
这似乎并没有工作。出于某种原因,这是不是与Heroku的工作。有谁知道如何解决这个问题呢?
类的ApplicationController< ActionController的基地::
protect_from_forgery
的before_filter:cors_ preflight_check
after_filter:cors_set_access_control_headers#对于此控制器的所有响应,返回CORS访问控制头。高清cors_set_access_control_headers
标题['访问控制允许来源'] ='*'
标题[访问控制允许的方法'] ='POST,GET,OPTIONS
标题[访问控制允许报头'] =%W {地接受内容类型的X要求,随着AUTH_TOKEN的X CSRF令牌}。加入('')
标题['访问控制,最大年龄'] =1728000
结束高清cors_ preflight_check
如果request.method ==OPTIONS
标题['访问控制允许来源'] ='的http:// localhost'的
标题[访问控制允许的方法'] ='POST,GET,OPTIONS
标题[访问控制允许报头'] =%W {地接受内容类型的X要求,随着AUTH_TOKEN的X CSRF令牌}。加入('')
标题['访问控制,最大年龄'] ='1728000'
渲染:文本=> '',:CONTENT_TYPE => text / plain的'
结束
结束
结束
这似乎这样的伎俩。
I have built a rails restful service that I host on Heroku and a Angular client which I am trying to run from my local machine. Eventually this client will be run added to a phonegap project. However, for now i'm testing the application in chrome and ie and my browser keeps returning the error below.
XMLHttpRequest cannot load Origin http://localhost is not allowed by Access-Control-Allow-Origin.
This is the error message that I get. I was faced with this issue before pushing to Heroku and resolved it by adding adding access headers to my responses.
after_filter :cors_set_access_control_headers
# For all responses in this controller, return the CORS access control headers.
def cors_set_access_control_headers
headers['Access-Control-Allow-Origin'] = 'http://localhost' #*
headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
headers['Access-Control-Allow-Headers'] = %w{Origin Accept Content-Type X-Requested-With X-CSRF-Token}.join(',')
headers['Access-Control-Max-Age'] = "1728000"
end
This does not seem to work. For some reason this isn't working with Heroku. Does anyone know how to solve this issue?
class ApplicationController < ActionController::Base
protect_from_forgery
before_filter :cors_preflight_check
after_filter :cors_set_access_control_headers
# For all responses in this controller, return the CORS access control headers.
def cors_set_access_control_headers
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
headers['Access-Control-Allow-Headers'] = %w{Origin Accept Content-Type X-Requested-With auth_token X-CSRF-Token}.join(',')
headers['Access-Control-Max-Age'] = "1728000"
end
def cors_preflight_check
if request.method == "OPTIONS"
headers['Access-Control-Allow-Origin'] = 'http://localhost'
headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
headers['Access-Control-Allow-Headers'] = %w{Origin Accept Content-Type X-Requested-With auth_token X-CSRF-Token}.join(',')
headers['Access-Control-Max-Age'] = '1728000'
render :text => '', :content_type => 'text/plain'
end
end
end
That seemed to do the trick.
这篇关于Heroku的Rails的CORS问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!