我使用gem rack-cors在我的Rails 5 API中配置Cors,并将以下代码添加到我的application.rb:
config.middleware.insert_before 0, Rack::Cors, :debug => true, :logger => (-> {Rails.logger }) do
allow do
origins 'localhost:4200'
resource '*',
methods: %i(get post put patch delete options head)
end
allow do
origins 'https://mysite'
resource '*',
methods: %i(get post put patch delete options head)
end
end
当我向邮递员请求API时,Rack :: Cors调试打印:
D, [2018-04-25T13:00:02.943818 #6746] DEBUG -- : Incoming Headers:
Origin: localhost:5000
Access-Control-Request-Method:
Access-Control-Request-Headers:
来自不同Origins的请求仍然通过,我遗失了什么?