I'm implementing CORS in my rails application using rack-cors gem for it, but I'm not sure how can i define different resources for different origins.
I need something like that:
config.middleware.insert_before 0, Rack::Cors do
allow do
origins 'http://localhost:3000'
resource '/api/*', headers: :any, methods: [:get, :post, :options, :put, :delete]
end
allow do
origins 'http://localhost:6000'
resource '*', headers: :any, methods: [:get, :post, :options, :put, :delete]
end
end
So it will allow "http://localhost:3000" to access only '/api/*' and allow 'http://localhost:6000' to access all. is it possible?
is the above code the correct code/syntax for doing that?
thanks.
I know this is a little old but for those finding this I am solving this differently with Rails 5.1.4 api only
-
Origins
ENV['CORS_ORIGINS'] = 'https://domain.first.com, http://another.origin.io'
Cors
Rails.application.config.middleware.insert_before 0, Rack::Cors do
allow do
origins ENV['CORS_ORIGINS'].split(',').map { |origin| origin.strip }
resource '*',
headers: :any,
methods: [:get, :post, :put, :patch, :delete, :options, :head]
end
end
After checking and testing it turns out it is the right syntax. You can add as many blocks as you need:
allow do
origins '[the domain]'
resource '[the resource/directories]', headers: :any, methods: [:get, :post, :options, :put, :delete]
end
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With