CORS - thuy-econsys/rails_app GitHub Wiki

# config/application.rb
module RailsApp
  class Application < Rails::Application
...
    config.session_store :cookie_store, key: '_interslice_session'
    config.middleware.use ActionDispatch::Cookies # Required for all session management
    config.middleware.use ActionDispatch::Session::CookieStore, config.session_options
  end
end

# config/initializers/cors.rb
Rails.application.config.middleware.insert_before 0, Rack::Cors do 
  allow do
    origins %w(http://localhost:3000)

    resource '*',
      headers: :any,
      expose: %w(access-token expiry token-type uid client),
      methods: %i(get post put delete options)
  end
end