Home Why am I seeing a 'no-access-control-allow-origin header' error when I have rack-cors set up correctly?
Reply: 0

Why am I seeing a 'no-access-control-allow-origin header' error when I have rack-cors set up correctly?

user2106 Published in March 23, 2018, 6:55 am

I am attempting to make requests from the react front end to the rails back end, running in aws cloud 9. The servers run on different ports, and the action to make the request looks like this:

export function signUpUser(user){ 
var data = {email: user.email, password: user.password, password_confirmation: user.password};
return function(dispatch){
    dispatch({type: 'SIGN_UP_USER'})
    return fetch('https://ee55715a523f4af8bae9f5467daf644d.vfs.cloud9.us-east-2.amazonaws.com:8081/api/users', {
    method: 'POST', 
    headers: {
      'Accept': 'application/json',
      'Content-Type': 'application/json'
    body: JSON.stringify({user: data}),
    }).then(res => console.log(res))
    .catch(error => console.error('Error:', error))
    .then(response => console.log('Success:', response));

This gives the following error in the browser:

Failed to load https://ee55715a523f4af8bae9f5467daf644d.vfs.cloud9.us-east-
2.amazonaws.com:8081/api/users/sign_in: Response to preflight request 
doesn't pass access control check: No 'Access-Control-Allow-Origin' header 
is present on the requested resource. Origin 
 2.amazonaws.com' is therefore not allowed access. The response had HTTP 
status code 499. If an opaque response serves your needs, set the request's 
mode to 'no-cors' to fetch the resource with CORS disabled. 

This appears to be a CORS issue, but I have rack-cors enabled, and the following in the initializer (cors.rb) file.

Rails.application.config.middleware.insert_before 0, Rack::Cors do
allow do
origins 'https://ee55715a523f4af8bae9f5467daf644d.vfs.cloud9.us-east-

resource '*',
  headers: :any,
  methods: %i(get post put patch delete options head)

All that said, I am confused as to why I am seeing this error. Any help is greatly appreciated! Please note that the backend api also has devise, which is why the request is written the way it is!

You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.317544 second(s) , Gzip On .

© 2016 Powered by mzan.com design MATCHINFO