CORS Support
Important: These docs are for the outdated Jets 5 versions and below. For the latest Jets docs: docs.rubyonjets.com
Enable CORS
Add rack-cors to your Gemfile
Gemfile
gem "rack-cors"
Add the following initializer:
config/initializers/cors.rb
Jets.application.config.middleware.insert_before 0, Rack::Cors do
allow do
origins '*'
resource '*', headers: :any, methods: [:get, :post, :patch, :put]
end
end
Testing CORS
Here’s a curl command example to help test that CORS is working.
$ curl -H "Origin: http://example.com" \
-H "Access-Control-Request-Method: POST" \
-H "Access-Control-Request-Headers: X-Requested-With" \
-X OPTIONS --verbose \
https://pfw5gle1d8.execute-api.us-west-2.amazonaws.com/dev/ 2>&1 | grep '< HTTP'
< HTTP/2 200
You should expect a 200 reponse code.
CORS Handling
CORS support is handled differently from Jets v5 vs Jets v5.
- In Jets v5, CORS support is handled by the Jets Framework and rack-cors instead of at the API Gateway level.
- In Jets v4: CORS Support was handled with the API Gateway.
The reasons for this:
- It allows you to also check CORS support locally.
- It simplifies the implementation.
- rack-cors is more configurable and powerful.
Note: CORS is only supported for