使用 Rails5 和 ActionCable 时不允许请求来源:http://localhost:3001 [英] Request origin not allowed: http://localhost:3001 when using Rails5 and ActionCable

问题描述

Rails 5.0.0.beta2 中的应用程序在尝试使用 ActionCable 时遇到服务器问题.

Having server issues with an app in Rails 5.0.0.beta2 trying to use ActionCable.

使用 localhost:3000 工作正常，因为这是大多数 ActionCable 的默认设置.但是如果我尝试在端口 3001 上运行 rails 服务器，它会给我 Request origin not allowed: http://localhost:3001

Using localhost:3000 works fine, as that is what most of ActionCable defaults to. But if I try to run the rails server on port 3001, it gives me Request origin not allowed: http://localhost:3001

ActionCable 文档提到使用类似 ActionCable.server.config.allowed_request_origins = ['http://localhost:3001'] 之类的东西，如果我把它放在 config 中，它对我有用.ru

The ActionCable docs mention using something like ActionCable.server.config.allowed_request_origins = ['http://localhost:3001'] which does work for me if I put it in config.ru

但这似乎是一个非常奇怪的地方.我觉得它应该可以进入初始化文件，或者我的 development.rb 环境配置文件.

But that seems like a really weird place to put it. I feel like it should be able to go in an initializer file, or my development.rb environment config file.

为了进一步证明我的观点，它应该被允许进入那里，设置 ActionCable.server.config.disable_request_forgery_protection = true 可以忽略请求源，即使当我将它包含在 development.rb 中时.

To further prove my point that it should be allowed to go in there, the setting ActionCable.server.config.disable_request_forgery_protection = true works to ignore request origin, even when I include it in development.rb.

为什么 ActionCable.server.config.disable_request_forgery_protection 会在 development.rb 中工作，但 ActionCable.server.config.allowed_request_origins 不会(但在 config.rb 中工作)嗯)?

Why would ActionCable.server.config.disable_request_forgery_protection work in development.rb, but ActionCable.server.config.allowed_request_origins doesn't (but does work in config.ru)?

不是一个紧迫的问题，因为我有几个选项可以解决.我只是想知道我是否遗漏了一些关于我认为它应该如何工作的明显内容.

Not a pressing issue, since I have several options as a work around. I just want to know if I'm missing something obvious about how I imagine this should be working.

推荐答案

你可以把Rails.application.config.action_cable.allowed_request_origins = ['http://localhost:3001'] 在你的 development.rb 中

You can put Rails.application.config.action_cable.allowed_request_origins = ['http://localhost:3001'] in your development.rb

参见 https://github.com/rails/rails/tree/master/actioncable#allowed-request-origins 了解更多信息

这篇关于使用 Rails5 和 ActionCable 时不允许请求来源:http://localhost:3001的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！