Written by Michael Nikitochkin
on June 14, 2017

Allow Multiple Access Control Requests for Rails

If you have problem with sending XHR requests from different domains, it will be problematic to get content, because

XMLHttpRequest cannot load http://different.domain.local:3000/visits. Origin http://localhost:3000 is not allowed by Access-Control-Allow-Origin.

The solution is to setup response headers: Access-Control-Request-Method, Access-Control-Allow-Origin.

headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Request-Method'] = '*'

cors-headers.rb view raw

Example for rails:

#app/application_controller.rb
after_action :set_access_control_headers
def set_access_control_headers
  headers['Access-Control-Allow-Origin'] = '*'
  headers['Access-Control-Request-Method'] = '*'
end

cors-rails.rb view raw

You can look into sources of the sample Sinatra application in GitHub. Demo live in Heroku. Or use these samples.

← → Top