Question

我正在开发一个Rails API和一个单独的html5应用程序。他们不共享相同的域。如何设置我的Rails应用程序以接受跨域请求？我已将以下内容添加到ApplicationController的顶部，但没有任何运气 -

  before_filter :set_access_control_headers

  def set_access_control_headers
    headers['Access-Control-Allow-Origin'] = 'http://myfrontend.com:3002'
    headers['Access-Control-Request-Method'] = 'GET, OPTIONS, HEAD'
    headers['Access-Control-Allow-Headers'] = 'x-requested-with,Content-Type, Authorization'
  end

我在其他应用上的javascript看起来如下 -

var req = $.ajax({
  url: url,
  type: "GET",
  crossDomain: true,

  success: function(data, textStatus, jqXHR)
  {
     alert('success');
  },
  error: function(jqXHR, textStatus, errorThrown)
  {
     alert('error');
  }
});

当我运行此请求时，我在服务器日志中得到以下内容 -

Started OPTIONS "/api/search?location_uuid=22222222222222222" for 127.0.0.1 at 2013-07-15 16:49:56 -0400
Processing by Api::V1::SearchController#index as JSON
  Parameters: {"location_uuid"=>"22222222222222222"}
WARNING: Can't verify CSRF token authenticity
  User Load (20.5ms)  SELECT "users".* FROM "users" ORDER BY name DESC LIMIT 30 OFFSET 0
(63.1ms)  SELECT COUNT(*) FROM "users" 
Completed 204 No Content in 300ms (ActiveRecord: 0.0ms)

任何人都有任何关于让它正常工作的提示吗？

Answer 1

似乎将数据类型添加为JSONP可以避免跨浏览器问题：

var req = $.ajax({
  url: url,
  type: "GET",
  crossDomain: true,
  dataType: "JSONP",
  ...

有关详细信息，请参阅此问题 -

Can anyone explain what JSONP is, in layman terms?

在Rails服务器上设置跨域调用

1 个答案: