问题
I'm building an app with Rails 5 API. Currently, anyone sending request to my rails server can receive response.
I want to process only those requests whose origin is mydomain.com
How can I do so?
回答1:
I believe you'll want to implement CORS on your API.
Simply add rack-cors gem.
And add:
#config/application.rb
config.middleware.insert_before 0, Rack::Cors do
allow do
origins 'mydomain.com' resource '*', :headers => :any, :methods => [:get, :post, :options]
end
end
Please read carefully its documentation
You'll find very useful information there.
来源:https://stackoverflow.com/questions/39185925/check-origin-in-rails-5-api