在Ruby on Rails API中遇到問題:我已經設置了Access-Control-Allow-Origin作爲「*」在我的config/application.rb中,如下面的代碼所示。但是,當我的前端向後端API發出GET或POST請求時,我會在請求的資源上出現錯誤「No'Access-Control-Allow-Origin'標題,因此不允許Origin'http://localhost:8888'訪問。訪問控制允許來源已在Rails中設置,仍然抱怨「否」訪問控制允許來源「標題存在於請求的資源中」
require_relative 'boot'
require "rails"
# Pick the frameworks you want:
require "active_model/railtie"
require "active_job/railtie"
require "active_record/railtie"
require "action_controller/railtie"
require "action_mailer/railtie"
require "action_view/railtie"
require "action_cable/engine"
# require "sprockets/railtie"
# require "rails/test_unit/railtie"
# Require the gems listed in Gemfile, including any gems
# you've limited to :test, :development, or :production.
Bundler.require(*Rails.groups)
module MyapplicationApi
class Application < Rails::Application
# Initialize configuration defaults for originally generated Rails version.
# config.load_defaults 5.1
# Settings in config/environments/* take precedence over those specified here.
# Application configuration should go into files in config/initializers
# -- all .rb files in that directory are automatically loaded.
# Only loads a smaller set of middleware suitable for API only apps.
# Middleware like session, flash, cookies can be added back manually.
# Skip views, helpers and assets when generating a new resource.
config.api_only = true
config.action_dispatch.default_headers = {
'Access-Control-Allow-Origin' => '*',
'Access-Control-Request-Method' => %w{GET POST PUT OPTIONS}.join(",")
}
end
end
我也嘗試添加以下行不果:
'Access-Control-Request-Method' => '*',
'Access-Control-Allow-Methods' => 'POST, PUT, DELETE, GET, OPTIONS',
'Access-Control-Allow-Headers' => 'Origin, X-Requested-With, Content-Type, Accept, Authorization'
感謝您的幫助!
可能的重複:http://stackoverflow.com/questions/17858178/allow-anything-through-cors-policy –