CORS issue: Getting error “No 'Access-Control-Allow-Origin' header is present” when it actually is

前端未结

关注

 4  1691

逝去的感伤 2021-02-07 14:46

I doubt the backend serving my app is important, but if you care, I\'m using rack-cors with a Rails 4.0 app.

Using jQuery, I send my app a PATCH request lik

4条回答

孤独总比滥情好 (楼主)

2021-02-07 15:40

Here is what I found to solve the issue from older SO posts to deal with csrf issues:

# In application_controller.rb
protect_from_forgery

after_filter :set_csrf_cookie

def set_csrf_cookie
  cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery?
end

protected

# In Rails 4.2 and above
def verified_request?
  super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
end

0 讨论(0)

查看其它4个回答