cyu / rack-cors

Rack Middleware for handling Cross-Origin Resource Sharing (CORS), which makes cross-origin AJAX possible.
MIT License

Rails/Webpacker (public) "packs/media" directory not getting Access-Control-Allow-Origin header #186

Closed jhirn closed 5 years ago

jhirn commented 5 years ago

Hello. I'm using the most promiscuous settings possible for rack-cors:

config.middleware.insert_before 0, Rack::Cors do
  allow do
    origins '*'
    resource '*', :headers => :any, :methods => [:get, :post, :options]
  end
end

And still not getting the Access-Control-Allow-Origin field when making a request for a font resource from my stylesheet. I thought the proxy passthrough would just return all headers set by the server and I would not have to play with nginx configuration but I've had to add the following to my nginx config. When I make a request directly

  location ~* \.(eot|css|otf|ttf|woff|woff2)$ {
    add_header Access-Control-Allow-Origin *;
  }

This is the CURL command I was running and not seeing the header.

curl -H "Origin: https://..." \
        -H "Access-Control-Request-Method: GET" \
        -H "Access-Control-Request-Headers: X-Requested-With" \
        -X GET --verbose -I https://.../packs/media/webfonts/fa-solid-900-64b3e814.woff2

whereas when hitting the /login url the header was present.

curl -H "Origin: https://..." \
        -H "Access-Control-Request-Method: GET" \
        -H "Access-Control-Request-Headers: X-Requested-With" \
        -X GET --verbose -I https://.../login

(note the domains in ... were the same)

It's almost like the statically served assets weren't hitting the middleware, but I thought they should. Any other information I can provide please let me know. This one kind of stumped me for longer than I wished it would have.

jhirn commented 5 years ago

Closing this. Not sure what, but it was an issue with other nginx config that we moved away from.
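
The thread never pins down the root cause, so the following is an added illustration (not code from the issue or from rack-cors) of the hypothesis raised in the first comment: a front-end server that answers static-file paths itself, so those requests never reach the Rack middleware. All class and constant names, the font path and the origin are hypothetical, and the classes are plain-Ruby stand-ins for rack-cors and nginx, not their real implementations.

```ruby
# Added illustration: plain-Ruby stand-ins using the Rack call(env) interface.
ACAO = 'Access-Control-Allow-Origin'
FONT = '/packs/media/webfonts/font.woff2' # constructed sample path

# Stand-in for the Rails app: answers /login and one font file.
RAILS_APP = lambda do |env|
  case env['PATH_INFO']
  when '/login' then [200, { 'Content-Type' => 'text/html' }, ['login']]
  when FONT then [200, { 'Content-Type' => 'font/woff2' }, ['font']]
  else [404, {}, []]
  end
end

# Stand-in for the effect of the posted rack-cors block (origins '*'):
# tag every response to a request that carries an Origin header.
class WildcardCors
  def initialize(app)
    @app = app
  end
  def call(env)
    status, headers, body = @app.call(env)
    headers = headers.merge(ACAO => '*') if env['HTTP_ORIGIN']
    [status, headers, body]
  end
end

# Stand-in for a front-end server with a static-file location like the one in
# the post. Matching paths are answered here and never reach the upstream.
class FrontProxy
  STATIC = /\.(eot|css|otf|ttf|woff|woff2)\z/i
  def initialize(upstream, add_header: false)
    @upstream = upstream
    @add_header = add_header
  end
  def call(env)
    return @upstream.call(env) unless env['PATH_INFO'].match?(STATIC)
    headers = { 'Content-Type' => 'application/octet-stream' }
    headers[ACAO] = '*' if @add_header # mirrors the nginx add_header workaround
    [200, headers, ['file from disk']]
  end
end

# Value of the CORS header for a cross-origin GET, or nil when it is missing.
def acao_for(stack, path)
  env = { 'REQUEST_METHOD' => 'GET', 'PATH_INFO' => path, 'HTTP_ORIGIN' => 'https://app.example' }
  stack.call(env)[1][ACAO]
end

RACK_STACK    = WildcardCors.new(RAILS_APP)                      # request reaches Rack
SHORT_CIRCUIT = FrontProxy.new(RACK_STACK)                       # proxy serves fonts itself
WORKAROUND    = FrontProxy.new(RACK_STACK, add_header: true)     # proxy adds the header
```

In this model `acao_for(SHORT_CIRCUIT, FONT)` is `nil` while `/login` still carries the header, which matches the symptom in the two curl runs; comparing the two responses is a quick way to tell which layer answered.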