I'm developing a Rails API, and a separate html5 application. They do not share the same domain. How do I set up my Rails application to accept cross-domain requests? I have added the following to the top of my ApplicationController, but without any luck -

  before_filter :set_access_control_headers

  def set_access_control_headers
    headers['Access-Control-Allow-Origin'] = 'http://myfrontend.:3002'
    headers['Access-Control-Request-Method'] = 'GET, OPTIONS, HEAD'
    headers['Access-Control-Allow-Headers'] = 'x-requested-with,Content-Type, Authorization'
  end

My javascript on my other app looks as follows -

var req = $.ajax({
  url: url,
  type: "GET",
  crossDomain: true,

  success: function(data, textStatus, jqXHR)
  {
     alert('success');
  },
  error: function(jqXHR, textStatus, errorThrown)
  {
     alert('error');
  }
});

When I run this request, I get the following in my server log -

Started OPTIONS "/api/search?location_uuid=22222222222222222" for 127.0.0.1 at 2013-07-15 16:49:56 -0400
Processing by Api::V1::SearchController#index as JSON
  Parameters: {"location_uuid"=>"22222222222222222"}
WARNING: Can't verify CSRF token authenticity
  User Load (20.5ms)  SELECT "users".* FROM "users" ORDER BY name DESC LIMIT 30 OFFSET 0
(63.1ms)  SELECT COUNT(*) FROM "users" 
Completed 204 No Content in 300ms (ActiveRecord: 0.0ms)

Anyone have any tips in getting this to work correctly?

asked Jul 15, 2013 at 21:18 by Blake
  • Stupid, but do you have an action implemented for OPTIONS? What does your route for this look like? – Mike Szyndel Commented Jul 15, 2013 at 21:28
  • Try after_filter instead of before_filter. – mccannf Commented Jul 15, 2013 at 21:53
  • That's an interesting observation. In my request I specify GET, but the log indicates the OPTIONS header is being set. The route looks like this -

      namespace :api, defaults: {format: 'json'} do
        scope module: :v1 do
          match "/search", :to => "search#index"
        end
      end

    – Blake Commented Jul 15, 2013 at 21:54

1 Answer

It seems that adding the data-type as JSONP avoids the cross browser problems:

var req = $.ajax({
  url: url,
  type: "GET",
  crossDomain: true,
  dataType: "JSONP",
  ...

See this question for more info -

Can anyone explain what JSONP is, in layman terms?
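
For comparison with the header approach in the question, an added example (not code from the question or the answer): a plain-Ruby, Rack-style middleware that answers the OPTIONS preflight itself, so the controller action and the queries seen in the log never run for it, and that replies with the response header Access-Control-Allow-Methods (Access-Control-Request-Method is the header the browser sends). `SimpleCors` and the allowlisted origin are assumed names and values.

```ruby
# Added example: minimal Rack-style CORS middleware (plain Ruby, no gems).
# ALLOWED_ORIGINS holds a constructed placeholder origin, not a value from the page.
class SimpleCors
  ALLOWED_ORIGINS = ['http://frontend.example:3002'].freeze
  ALLOWED_METHODS = 'GET, HEAD, OPTIONS'
  ALLOWED_HEADERS = 'X-Requested-With, Content-Type, Authorization'

  def initialize(app)
    @app = app
  end

  def call(env)
    origin = env['HTTP_ORIGIN']
    # No Origin header, or an origin not on the allowlist: no CORS headers are added.
    return @app.call(env) unless ALLOWED_ORIGINS.include?(origin)

    if preflight?(env)
      # Answer the preflight here; the wrapped app (controller, DB queries) is not called.
      return [204, {
        'Access-Control-Allow-Origin'  => origin,
        'Access-Control-Allow-Methods' => ALLOWED_METHODS,
        'Access-Control-Allow-Headers' => ALLOWED_HEADERS,
        'Access-Control-Max-Age'       => '600',
        'Vary'                         => 'Origin'
      }, []]
    end

    status, headers, body = @app.call(env)
    # Echo only the matched origin; Vary stops caches reusing it for other origins.
    vary = [headers['Vary'], 'Origin'].compact.join(', ')
    [status, headers.merge('Access-Control-Allow-Origin' => origin, 'Vary' => vary), body]
  end

  private

  # A preflight is an OPTIONS request that carries Access-Control-Request-Method.
  def preflight?(env)
    env['REQUEST_METHOD'] == 'OPTIONS' &&
      env.key?('HTTP_ACCESS_CONTROL_REQUEST_METHOD')
  end
end
```

In a Rails application a middleware like this is registered with `config.middleware.use SimpleCors`. Unlike JSONP, it keeps the call an ordinary XHR, so request headers such as Authorization and methods other than GET remain usable.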
