How do I configure `Access-Control-Allow-Origin` with rails, nginx and passenger? -


i cannot access-control-allow-origin show in chrome - ultimate goal configure cors fonts rails, works in production cloudfront. though, want work in development. can see header via curl, not chrome.

i using rails 4.0, , have tried of following...

i have configured gemfile , application.rb per the rack-cors example rails 4:

gemfile

gem 'rack-cors', '~> 0.2.9', require: 'rack/cors'

config/application.rb

config.middleware.insert_before 'actiondispatch::static', 'rack::cors'     allow         origins '*'         resource '*',             :headers => :any,             :methods => [:get, :options, :head]     end end

rails console

2.0.0-p481 :001 > rails.env  => "development" 2.0.0-p481 :002 > hello::application.config.serve_static_assets  => true

bash

curl -i http://localhost:5000/assets/opensans-regular-webfont.woff  content-type: application/font-woff content-length: 22660 connection: keep-alive status: 200 ok cache-control: public, must-revalidate last-modified: wed, 30 apr 2014 23:51:57 gmt etag: "467b34801137bd4031e139839ad86370" x-request-id: c4b07b4d-1c43-44ea-9565-dfda66378f98 x-runtime: 0.046007 x-powered-by: phusion passenger 4.0.50 date: sat, 20 sep 2014 04:39:38 utc server: nginx/1.6.1 + phusion passenger 4.0.50  curl -i -h "origin: http://localhost:5000" http://localhost:5000/assets/opensans-regular-webfont.woff  content-type: application/font-woff content-length: 22660 connection: keep-alive status: 200 ok cache-control: public, must-revalidate last-modified: wed, 30 apr 2014 23:51:57 gmt etag: "467b34801137bd4031e139839ad86370" access-control-allow-origin: http://localhost:5000   # adding access-control-allow-methods: get, options, head     # -h access-control-max-age: 1728000                      # produced access-control-allow-credentials: true               # these vary: origin                                         # headers x-request-id: b9666f30-416d-4b5b-946a-bdd432bc191c x-runtime: 0.050420 x-powered-by: phusion passenger 4.0.50 date: sat, 20 sep 2014 03:45:30 utc server: nginx/1.6.1 + phusion passenger 4.0.50

chrome (v37) developer tools > network > opensans-regular-webfont.woff > headers > response headers

http/1.1 304 not modified connection: keep-alive status: 304 not modified cache-control: no-cache x-request-id: ac153b8c-e0cb-489d-94dd-90aacc10d715 x-runtime: 0.116511 x-powered-by: phusion passenger 4.0.50 date: sat, 20 sep 2014 03:41:53 utc server: nginx/1.6.1 + phusion passenger 4.0.50

i tried following alternatives, per various sources:

config.middleware.insert_before 'actiondispatch::static', 'rack::cors' config.middleware.insert_after rails::rack::logger, rack::cors config.middleware.insert_before warden::manager, rack::cors config.middleware.insert 0, rack::cors config.middleware.use rack::cors

i tried following applications.rb, per how display fontawesome in firefox using rails , cloudfront:

config.assets.header_rules = {   :global => {'cache-control' => 'public, max-age=31536000'},   :fonts  => {'access-control-allow-origin' => '*'} }

i tried following in config.ru, per cloudfront cdn rails on heroku

require 'rack/cors' use rack::cors     allow         origins '*'         resource '*', :headers => :any, :methods => :get      end  end

bundle exec rake middleware

use rack::cors use rack::sendfile use actiondispatch::static use rack::lock use #<activesupport::cache::strategy::localcache::middleware:0x007f9ec21590b0> use rack::runtime use rack::methodoverride use actiondispatch::requestid use rails::rack::logger use actiondispatch::showexceptions use actiondispatch::debugexceptions use actiondispatch::remoteip use actiondispatch::reloader use actiondispatch::callbacks use activerecord::migration::checkpending use activerecord::connectionadapters::connectionmanagement use activerecord::querycache use actiondispatch::cookies use actiondispatch::session::cookiestore use actiondispatch::flash use actiondispatch::paramsparser use rack::head use rack::conditionalget use rack::etag use warden::manager use omniauth::strategies::facebook run hello::application.routes

i tried font_assets no avail.

the server line made me think perhaps assets not being handled rails, rather nginx:

enter image description here

this means headers must added nginx, not rails, , therefore need configure nginx. turns out the ability configure nginx possible of passenger 4.0.39 - (here corresponding git diff). corresponding documentation available in passenger standalone, under advanced configuration.

an important note in documentation: the original configuration template file may change time time, e.g. because new features introduced phusion passenger. if configuration template file not contain required changes, these new features may not work properly. in worst case, standalone might malfunction. therefore, every time upgrade phusion passenger, should check whether original configuration template file has changed, , merge changes own file.

with respect note, in addition customizable copy of configuration file, create "original" copy can diff whenever upgrade passenger.

bash

cp $(passenger-config resourcesdir)/templates/standalone/config.erb config/nginx.conf.erb cp config/nginx.conf.erb config/nginx.conf.erb.original

next, add --nginx-config-template config/nginx.conf.erb web line in procfile.

procfile

web: bundle exec passenger start -p $port --max-pool-size 3 --nginx-config-template config/nginx.conf.erb

config/nginx.conf.erb

next, edit configuration file config/nginx.conf.erb finding block looks follows:

    location @static_asset {         gzip_static on;         expires max;         add_header cache-control public;         add_header etag "";     }

...and add 2 access-control lines:

    location @static_asset {         gzip_static on;         expires max;         add_header cache-control public;         add_header etag "";         add_header access-control-allow-origin *;         add_header access-control-request-method *;     }

that's it. work in production, not in development, due config.assets differences between two.

the config diff

the diff should not return now, if future updates passenger include change file, know.

diff $(passenger-config resourcesdir)/templates/standalone/config.erb config/nginx.conf.erb.original

nginx documentation

future improvements

  • restrict allow-origin
  • restrict request-method
  • restrict both headers fonts

Comments

Post a Comment

Popular posts from this blog

php - Submit Form Data without Reloading page -

i know question has been asked , answered bunch of times life of me can not solution work on code. believe if redo code, work properly, , in retrospect time i've spent on issue should have redone code...but beyond deadline , have working prototype up... can advise how update multiple forms on single page without reloading page? horrible @ php , complete noob js/jquery/ajax @ best. html/php in single file , believe causing me problems/is largest obstacle @ getting ajax form processing work. basically, want users to: select teams multiple dropdowns in form group 1 (league champs) , on update update db newly selected team without reloadding page. edit team scores per match , on score submit/update, update db new scores. for each requirement there multiple forms (1 each leagues, 1 each per match) have set class on each form id. everything works via php, form submission reloads page each time submitted , not ideal. i have tried ajax code here http://scotch.io/tutoria
Read more

linux - Rails running on virtual machine in Windows -

the reason why want switch ubuntu people said gems works better on linux on windows. i don't want macbook pro rails development since love windows , cannot stand lack of apps mac. moreover, people saying ubuntu "better" mac: http://www.reddit.com/r/ubuntu/comments/1bgj1s/are_there_advantages_of_ubuntu_over_os_x_for/ does virtual box work enough doesn't have lag @ all? using i7-3517u cpu 8gb memory. need program in environment lag-free , not sluggish. or there alternatives recommend? i unsure permission settings or complicated stuffs regarding terminal. i'll using terminal develop. i'm still quite new here development in linux. please kind me >< thanks. @holyxiaoxin pretty sure should asking on superuser instead. nevertheless, suggest install ubuntu in partition instead of running virtual machine. here's guide https://help.ubuntu.com/community/windowsdualboot also, yes. developing in virtual machine accurate, @ end experiment w
Read more

php - $params->set Array between square bracket -

i'm using k2 in joomla 3.3. i'm trying set params (items ids ) module k2_content item.php file. result must between brackets, like: ["96","68"] my code is: $query = "select * #__k2_items extra_fields_search = '$myautor' , catid !=1 " ; $db->setquery($query); $losautores = $db->loadobjectlist(); $result = array(); foreach ($losautores $key => $value) { $result[] = '" '.$value->id.' "'; } $string_version = implode(',', $result); $autoresfinal = '['.$string_version.']'; if test using print, looks ok. passing var pramas, 1064 error. $params->set('items', $autoresfinal); to test tried $autoresfinal = ["96","68"]; and works fine. idea why doesn't work? thank you. if assign ["x","y"] assigning an array . here transforming array in st
Read more