Cross-Origin Resource Sharing (CORS)

Ruby Talks #7

Szubrycht Kamil

CORS flow

Text

Browsers support

Chrome 3+
Firefox 3.5+
Opera 12+
Safari 4+
Internet Explorer 8+

Don't detect browser. Detect technology.

rack-cors

module YourApp
  class Application < Rails::Application

    # ...

    config.middleware.insert_before 0, "Rack::Cors" do
      allow do
        origins '*' # or any domain
        # origins 'localhost:3000'
        resource '*', :headers => :any, :methods => [:get, :post, :options]
        # resource '/public/*', :headers => 'x-domain-token', :methods => :get
      end
    end

  end
end

RT#7: Cross-Origin Resource Sharing

By Kamil Szubrycht

RT#7: Cross-Origin Resource Sharing

650

Kamil Szubrycht

kamilszubrycht