cyu / rack-cors

Rack Middleware for handling Cross-Origin Resource Sharing (CORS), which makes cross-origin AJAX possible.
MIT License

Mobile + web origins #217

Closed Nechitadi closed 3 years ago

Nechitadi commented 3 years ago

Hello,

I'm working on an app that uses Rails for the backend and has web and mobile apps using the same API. Is there any way to set the origins to include all the web domains that will use the API but still allow the mobile apps to use it?

Thank you

cyu commented 3 years ago

@Nechitadi generally, mobile APIs don't do CORS, so if you're running into issues you need to be more specific about what issues you're having.

Nechitadi commented 3 years ago

I still want to define some origins, in order to allow only specific domains to access the API, but this way the mobile apps are not able to access the API anymore.

Something like:

Rails.application.config.middleware.insert_before 0, Rack::Cors do
  allow do
    origins 'localhost:3000', '127.0.0.1:3000'
    resource '*',
             headers: :any,
             methods: %i[get post put patch delete options head],
             expose: %w[x-total x-per-page x-page content-disposition file-name]
  end
end

So I need some way to have a list with allowed origins but also allow mobile apps.

Nechitadi commented 3 years ago

Sorry, my bad, I thought that mobile apps are affected if I'm using CORS, but it seems that they are not.
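
Added example, not part of the thread and not rack-cors's own code: a simplified Rack-style model of an origin allowlist, using the two origins from the config above, showing why a native client that sends no `Origin` header is unaffected. The names `OriginAllowlist`, `request` and `readable_by_caller?` are hypothetical, and the browser's enforcement is modelled as a header comparison.

```ruby
# Added illustration: a simplified origin allowlist as Rack-style middleware.
# This is NOT rack-cors's implementation; class and helper names are hypothetical.
class OriginAllowlist
  def initialize(app, origins)
    @app = app
    @origins = origins # host:port entries, as in the config above
  end

  def call(env)
    status, headers, body = @app.call(env) # the API runs for every caller
    origin = env['HTTP_ORIGIN']
    # Native mobile HTTP clients normally send no Origin header: nothing to add.
    return [status, headers, body] if origin.nil?

    host = origin.sub(%r{\Ahttps?://}, '')
    if @origins.include?(host)
      headers = headers.merge('access-control-allow-origin' => origin, 'vary' => 'Origin')
    end
    [status, headers, body]
  end
end

API = ->(_env) { [200, { 'content-type' => 'application/json' }, ['{"ok":true}']] }
STACK = OriginAllowlist.new(API, ['localhost:3000', '127.0.0.1:3000'])

# Constructed request: origin is nil for a native client, a URL for a browser page.
def request(origin)
  env = { 'REQUEST_METHOD' => 'GET', 'PATH_INFO' => '/items' }
  env['HTTP_ORIGIN'] = origin if origin
  STACK.call(env)
end

# A browser exposes a cross-origin response to page scripts only when the
# allow-origin header matches the page's origin; a native client has no such check.
def readable_by_caller?(origin)
  _status, headers, _body = request(origin)
  origin.nil? || headers['access-control-allow-origin'] == origin
end

if __FILE__ == $PROGRAM_NAME
  [nil, 'http://localhost:3000', 'https://other.example'].each do |o|
    status, = request(o)
    puts format('%-24s status=%d readable=%s', o || '(no Origin, mobile)', status, readable_by_caller?(o))
  end
end
```

In this model the unlisted origin still receives a 200 from the API; only the browser withholds the response from page scripts, so limiting who can call the API relies on authentication rather than on the origins list.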