我正在尝试使用ember.js作为客户端,通过rails应用程序中的omniauth链接到第三方身份验证页面。我能够将我的服务器重定向到正确的URL,但我无法将客户端发送到那里(导致我的服务器在请求阶段无限期挂起)。我的问题是我需要在我的应用程序中的某处设置Access-Control-Allow-Origin标题,但我不知道在哪里。我目前在application_controller.rb:
class ApplicationController < ActionController::API
# Force to wants JSON for API
before_action :api_request_settings, :cors_preflight_check
after_action :cors_set_access_control_headers
def cors_preflight_check
p 'hits cors preflight check'
if request.method == :options
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
headers['Access-Control-Allow-Headers'] = '*'
headers['Access-Control-Request-Method'] = '*'
headers['Access-Control-Max-Age'] = '1728000'
render :text => '', :content_type => 'text/plain'
end
end
def api_request_settings
p request.headers
request.format = :json
end
def cors_set_access_control_headers
p 'hits cors acces set control headers'
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
headers['Access-Control-Allow-Headers'] = '*'
headers['Access-Control-Request-Method'] = '*'
headers['Access-Control-Max-Age'] = "1728000"
end
我做错了什么,我应该在哪里将这些标题发送到目标网页?