Calvin Yu
Calvin Yu
There is a way to enable some logging, but it only logs where there's a resource hit, and not misses. That gives me an idea though - I can probably...
Mind sending me your final configuration?
Thanks! FYI - I committed some changes to return some diagnostic headers when debug mode is enabled: 8456a39
I'm guessing there wasn't a location header in the response. If you're using chrome or safari you can see the headers from the inspector.
It think the current implementation is the correct behavior. Step one of the CORS spec states that any simple request without an `Origin` header is outside the scope of the...
I haven't had the opportunity to understand async handling in Rack works. I'll try to block off some time to look into this.
@styliii I don't think this is related to Rack::CORS. Take a look at this: https://stackoverflow.com/questions/65688157/why-is-my-http-origin-header-not-matching-request-base-url-and-how-to-fix I'm guessing you're not running behind nginx, but something is not lining up in either...
https://guides.rubyonrails.org/configuring.html#actiondispatch-hostauthorization
@julik I'll be honest, I'm not sure what's happening that's preventing the headers from being provided. If you can provide an working example, I'll take a look, fix if I...
@coneybeare Your issue is an issue with cross origin frames: http://stackoverflow.com/questions/25098021/securityerror-blocked-a-frame-with-origin-from-accessing-a-cross-origin-frame