Rails,REST架构和HTML 5:跨域请求与预先请求 [英] Rails, REST Architecture and HTML 5: Cross domain requests with pre-flight requests
问题描述
在开发一个项目,使我们的网站HTML 5友好,我们渴望拥抱跨域请求的新方法(没有更多的通过隐藏的iframe!)。使用访问控制规范,我们开始设置一些测试来验证各种浏览器。
While working on a project to make our site HTML 5 friendly, we were eager to embrace the new method for Cross Domain requests (no more posting through hidden iframes!!!). Using the Access Control specification we begin setting up some tests to verify the behaviour of various browsers.
当前Rails RESTful架构依赖于四个HTTP动词:GET,POST,PUT,DELETE。但是在访问控制规范中,它规定非简单方法(PUT,DELETE)需要使用HTTP动词OPTIONS的预飞行请求。此外,在测试期间,我们发现Firefox 3.5.8飞行前POST请求。
The current Rails RESTful architecture relies on the four HTTP verbs: GET, POST, PUT, DELETE. However in the Access Control spec, it dictates that non-simple methods (PUT, DELETE) require a pre-flight request using the HTTP verb OPTIONS. In addition during testing we discovered that Firefox 3.5.8 pre-flight POST requests as well.
我的问题是这个。有人知道任何项目的Rails框架工作来解决这个问题吗?如果没有,关于支持OPTIONS方法的最佳策略的任何意见,因为它必须支持所有POST,PUT,DELETE方法的路由?
My question is this. Is anyone aware of any project for the Rails framework working to address the issue? If not, any opinions about the best strategy to support the OPTIONS method, since it has to support the routes for all the POST, PUT, DELETE methods?
推荐答案
几天前我发布了一个Gem,通过Rack Middleware实现CORS支持:
I released a Gem a couple of days ago that implements CORS support via a Rack Middleware:
http://github.com/cyu/rack-cors
关于检查CORS请求,我无法获得预检请求在Chrome中工作(通过简单的CORS请求工作正常)。搜索Internets表明可能不支持。我在Chrome论坛中提出了有关此问题的问题,但尚未收到回应。
Regarding preflight CORS requests, I couldn't get preflight requests working in Chrome (through simple CORS requests work fine). Searching around the Internets suggests that it might not be supported. I've asked questions in the Chrome forum about this, but haven't heard a response yet.
这篇关于Rails,REST架构和HTML 5:跨域请求与预先请求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
