【发布时间】:2017-10-07 17:14:41
【问题描述】:
在 Ruby on Rails API 中遇到 CORS 问题:我已经在 config/application.rb 中将 Access-Control-Allow-Origin 设置为“*”,如下面的代码所示。但是,当我的前端向后端 API 发出 GET 或 POST 请求时,我收到错误消息“请求的资源上不存在 'Access-Control-Allow-Origin' 标头。因此,不允许访问 Origin 'http://localhost:8888'。 "
require_relative 'boot'
require "rails"
# Pick the frameworks you want:
require "active_model/railtie"
require "active_job/railtie"
require "active_record/railtie"
require "action_controller/railtie"
require "action_mailer/railtie"
require "action_view/railtie"
require "action_cable/engine"
# require "sprockets/railtie"
# require "rails/test_unit/railtie"
# Require the gems listed in Gemfile, including any gems
# you've limited to :test, :development, or :production.
Bundler.require(*Rails.groups)
module MyapplicationApi
class Application < Rails::Application
# Initialize configuration defaults for originally generated Rails version.
# config.load_defaults 5.1
# Settings in config/environments/* take precedence over those specified here.
# Application configuration should go into files in config/initializers
# -- all .rb files in that directory are automatically loaded.
# Only loads a smaller set of middleware suitable for API only apps.
# Middleware like session, flash, cookies can be added back manually.
# Skip views, helpers and assets when generating a new resource.
config.api_only = true
config.action_dispatch.default_headers = {
'Access-Control-Allow-Origin' => '*',
'Access-Control-Request-Method' => %w{GET POST PUT OPTIONS}.join(",")
}
end
end
我也尝试添加以下行但无济于事:
'Access-Control-Request-Method' => '*',
'Access-Control-Allow-Methods' => 'POST, PUT, DELETE, GET, OPTIONS',
'Access-Control-Allow-Headers' => 'Origin, X-Requested-With, Content-Type, Accept, Authorization'
感谢您的帮助!
【问题讨论】:
标签: ruby-on-rails cors