Menu
I'm using rails-api to build a public json api.
I would like to respond to OPTIONS HTTP Method to take advantages of Cross-Origin Resource Sharing.
http://www.w3.org/TR/cors/
I'm doing this:
headers['Access-Control-Allow-Methods'] = 'POST, PUT, DELETE, GET, OPTIONS'
It works, but some URLs does not support all HTTP methods. In those cases I'm lying.
I don't want to configure Access-Control-Allow-Methods for each URL.
Is there a way to respond Access-Control-Allow-Methods based on my routes?
233
The HTTP OPTIONS method requests permitted communication options for a given URL or server. A client can specify a URL with this method, or an asterisk ( * ) to refer to the entire server.
You could respond with an Allowed header and even document your API in the body. You could respond with additional CORS defined Access-Control-Request-* headers. You could respond with 405 Method Not Allowed or 501 Not Implemented .
The HTTP OPTIONS method is used to describe communication options for the target resource. Browsers send an HTTP OPTIONS request to find out the supported HTTP methods and other options supported for the target resource before sending the actual request.
The OPTIONS method represents a request for information about the communication options available on the request/response chain identified by the Request-URI.
check out the rack-cors gem, it allows you to configure it like a routes file
https://github.com/cyu/rack-cors
156
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
