cyu / rack-cors

Rack Middleware for handling Cross-Origin Resource Sharing (CORS), which makes cross-origin AJAX possible.
MIT License

Not working on Rails 6.0? #203

Closed Evlos closed 3 years ago

Evlos commented 4 years ago

Hi all,

It seems rack-cors is not working on Rails 6.0.2.2 with a working configuration from Rails 5.1.

Thank you.

vitobotta commented 4 years ago

Hi @Evlos, did you solve it? It seems to me that the gem isn't working with Rails 6. Thanks

Evlos commented 4 years ago

> Hi @Evlos, did you solve it? It seems to me that the gem isn't working with Rails 6. Thanks

Hi, the issue disappeared after I ran rails app:update instead of creating a new Rails 6 project and diffing every file manually.

alejandracernas commented 4 years ago

I can't get rack-cors to work on Rails 6 either

vitobotta commented 4 years ago

Hi @Evlos - which changes did you have to make? I have been on Rails 6 for a while now, I don't think it would make much sense to use app:update now.

Evlos commented 4 years ago

> Hi @Evlos - which changes did you have to make? I have been on Rails 6 for a while now, I don't think it would make much sense to use app:update now.

Hi, I have reviewed my git commits about this upgrade, and there have been no particularly helpful changes except the changes made through app:update.

 .drone.yml                                        |   4 +-
 .rubocop.yml                                      |   2 +-
 Gemfile                                           |  30 +++----
 Gemfile.lock                                      | 346 ++++++++++++++++++++++++++++++++++++++++++++----------------------------------
 app/assets/config/manifest.js                     |   2 +
 bin/bundle                                        | 115 +++++++++++++++++++++++++-
 bin/rails                                         |   5 ++
 bin/rake                                          |   5 ++
 bin/setup                                         |  16 ++--
 bin/spring                                        |  10 ++-
 bin/yarn                                          |   6 +-
 config/application.rb                             |  26 ++++--
 config/boot.rb                                    |   1 +
 config/cable.yml                                  |   5 +-
 config/database.yml                               |  10 ++-
 config/environments/development.rb                |  41 ++++++++--
 config/environments/production.rb                 |  47 ++++++++---
 config/environments/test.rb                       |  30 ++++---
 config/initializers/assets.rb                     |   2 +-
 config/initializers/content_security_policy.rb    |  28 +++++++
 config/initializers/inflections.rb                |   6 +-
 config/initializers/new_framework_defaults.rb     |   2 +-
 config/initializers/new_framework_defaults_6_0.rb |  45 +++++++++++
 config/locales/en.yml                             |   2 +-
 config/puma.rb                                    |  34 ++------
 config/routes.rb                                  |   2 +-
 config/secrets.yml                                |  22 -----
 config/spring.rb                                  |  12 +--
 config/storage.yml                                |  34 ++++++++

I'm using ruby '~> 2.7.1' and rack-cors (1.1.1). Also, here is my config/application.rb; maybe there are some conflicts between frameworks and gems that I accidentally avoid by doing it like this.

require "rails"
# Pick the frameworks you want:
require "active_model/railtie"
require "active_job/railtie"
require "active_record/railtie"
# require "active_storage/engine"
require "action_controller/railtie"
# require "action_mailer/railtie"
# require "action_mailbox/engine"
# require "action_text/engine"
# require "action_view/railtie"
# require "action_cable/engine"
# require "sprockets/railtie"
# require "rails/test_unit/railtie"
...

yanosz commented 4 years ago

I'm also having problems wrt Rails 6.0.2.2 - no errors, but no CORS HTTP header in the output either.

@Evlos could you reopen this issue please?

Evlos commented 4 years ago

> I'm also having problems wrt Rails 6.0.2.2 - no errors, but no CORS HTTP header in the output either.
>
> @Evlos could you reopen this issue please?

Of course.

kevinhq commented 4 years ago

Upgrading from Rails 5.0 to Rails 5.2 is also breaking this. Now, we get

Access to XMLHttpRequest at '<url>' from origin 'http://localhost:8080' has been blocked by CORS

Update:

It's working on my end but another dev in our team is reporting this.

So, I guess this is something to do with his browser settings or one of his Chrome extensions.

No matter how many times I try, it's working here. The CORS headers are there too.

More update

In case someone reads this, the CORS problem is raised because the nginx proxy rejects the large file upload and closes the connection with 413 Request Too Large.

And because there's no response from the server, the XHR uploads, which send requests to a server on a different host (from localhost), raised the CORS error.

cyu commented 4 years ago

Alright - I built a Rails 6 app from scratch, copied over pretty much the same setup I had in my Rails 5 example and ran through my CORS test. All green (after fixing a test bug).

One thing to note: Rails 6 has functionality built-in to block unknown hosts: https://guides.rubyonrails.org/configuring.html#configuring-middleware

If the above doesn't fix your problem, I'll need more information. I'll wait a bit, but I plan on closing this issue unless new info is provided. I've checked in the example and updated the README to reflect the information I've provided here: [#206]

@kevinhq the above solution isn't going to fix your issue, but you're giving me nothing here I can help you with. Can you create a new ticket with your config and details of how you're testing?

yanosz commented 4 years ago

Our CORS policy is referring to localhost:4200, to enable Angular development. AFAIR, CORS in Rails 5 was fine. According to https://guides.rubyonrails.org/configuring.html#configuring-middleware localhost is known by default - still, #206 refers to a wildcard DNS record related to 127.0.0.1.

cyu commented 4 years ago

@yanosz Can you provide your middleware configuration, and maybe the network response you're seeing from within Chrome DevTools?

Also, if you add the debug and logger options like in the example below, the middleware will dump headers and log that will help diagnose your issue:

https://github.com/cyu/rack-cors/blob/master/examples/rails5/config/initializers/cors.rb#L1

kevinhq commented 4 years ago

@cyu - Nvm about the problem I mentioned earlier. It turns out to be working when I am trying it myself. See my update above.

yanosz commented 4 years ago

Well, I have to admit that I'm having problems reproducing this issue as of now. Everything seems to be working correctly.

@cyu Thanks for the quick response and help - especially for creating an example almost instantly! You rock. I'd like to apologize for spamming this bug tracker. Maybe it's the tide of confusion driving me here.

babasbot commented 4 years ago

I had a similar problem when I updated rack-cors from 0.4.1 to 1.0.5.

diff --git a/config/environments/development.rb b/config/environments/development.rb
index b9609b9..06cb916 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -55,8 +55,8 @@ Rails.application.configure do
   # Allow any request from any origin on any resource
   config.middleware.insert_before 0, Rack::Cors do
     allow do
-      origins '*'
-      resource '*', headers: :any, methods: :any
+      origins 'localhost:3001'
+      resource '*', headers: :any, methods: :any, credentials: true
     end
   end
 end
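
Review bot: the context comment above the block, "# Allow any request from any origin on any resource", is stale once origins is narrowed to 'localhost:3001' and credentials: true is added; update it to say that only that origin is allowed and that credentialed requests are enabled. With credentials: true now set on resource '*', headers: :any and methods: :any are broader than a cookie-authenticated client usually needs, so consider listing the methods and headers the frontend actually sends.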

After the update, I needed to include the "Access-Control-Allow-Credentials: true" header. This is needed for passing cookie credentials.

Note that a wildcard in the origin can't be used with credentials: true.

dstagner commented 3 years ago

I solved this by setting up rack-cors in an initializer rather than in application.rb.

julesmaregiano commented 3 years ago

For those running Rails 6 trying to authorize ALL hosts, make it nil!

Rails.application.config.hosts = nil

You might also want to clean your hosts config by running Rails.application.config.hosts.clear just before setting it to nil. Source

cyu commented 3 years ago

@julesmaregiano Rails.application.config.hosts is not part of the rack-cors middleware, but a new feature of Rails 6:

https://guides.rubyonrails.org/configuring.html#configuring-middleware

cyu commented 3 years ago

Closing this issue as it has become a mix of unrelated configuration issues. Rack CORS is compatible with Rails 6. And I do believe issues identified here have seen some kind of resolution in some way.
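
Two of the failures reported in this thread (a proxy answering with 413 and no CORS headers, and a wildcard origin combined with credentials) can be told apart from the response alone. The following is an added example, not part of any comment above and not rack-cors code; `diagnose_cors` and the sample responses are constructed for illustration.

```ruby
# Added example, not rack-cors code. Applies the browser-side CORS response
# checks to a response's status and headers and names the first failure.
def diagnose_cors(status:, headers:, origin:, credentials: false)
  h = headers.to_h { |k, v| [k.to_s.downcase, v.to_s] }
  allow_origin = h["access-control-allow-origin"]

  if allow_origin.nil?
    # Whoever produced this response did not add CORS headers. An error
    # status points at a component answering before or instead of the app.
    return status >= 400 ? :error_response_without_cors_headers : :no_cors_headers
  end

  if credentials
    # Credentialed requests: the wildcard is not accepted, and an explicit
    # Access-Control-Allow-Credentials: true header is required.
    return :wildcard_with_credentials if allow_origin == "*"
    return :missing_allow_credentials unless h["access-control-allow-credentials"] == "true"
  end

  return :ok if allow_origin == "*" || allow_origin == origin
  :origin_mismatch
end

# Constructed sample responses, one per situation reported in the thread.
SAMPLES = {
  nginx_413: { status: 413, headers: { "Content-Type" => "text/html" } },
  wildcard:  { status: 200, headers: { "Access-Control-Allow-Origin" => "*" } },
  explicit:  { status: 200, headers: {
    "Access-Control-Allow-Origin" => "http://localhost:3001",
    "Access-Control-Allow-Credentials" => "true" } },
}.freeze

# Runs every sample with and without credentials; returns [name, cred, result].
def run_samples(origin: "http://localhost:3001")
  SAMPLES.flat_map do |name, resp|
    [false, true].map do |cred|
      [name, cred, diagnose_cors(**resp, origin: origin, credentials: cred)]
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  run_samples.each do |name, cred, result|
    puts format("%-10s credentials=%-5s -> %s", name, cred, result)
  end
end
```
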

arifikhsan commented 3 years ago

> > Hi @Evlos, did you solve it? It seems to me that the gem isn't working with Rails 6. Thanks
>
> Hi, the issue disappeared after I ran rails app:update instead of creating a new Rails 6 project and diffing every file manually.

Me too. I did rails app:update and then the cors.rb file is replaced. After that I uncomment the new code and it works.

Also add "Origin: http://localhost" in the Postman request header