Heroku, Rails 4, and Rack::Cors

I ran into the same problem with heroku. I found this blog with the same rack-cors issue.

Just moved the use Rack::Cors to config.ru, redeployed to heroku and it works.

require ::File.expand_path('../config/environment',  __FILE__)
run Rails.application

require 'rack/cors'
use Rack::Cors do

  # allow all origins in development
  allow do
    origins '*'
    resource '*', 
        :headers => :any, 
        :methods => [:get, :post, :delete, :put, :options]
  end
end

It looks like the issue is being caused by my machine or the network I am on. I SSHed into a hosting environment I use and used the curl command above and it worked.

Additional Note Here is something else that just happened that I thought I ought to add to this. My AJAX request was not to the https URL for my Heroku app, but Heroku was translating it be https. This was causing an additional cross-origin issue. Switching to use https for the AJAX request fixed this.


Ok thanks to Jason I was able to figure out the root cause for me. I had the Cisco AnyConnect VPN client installed and it was blocking CORS requests.

You can find out more here: http://www.bennadel.com/blog/2559-Cisco-AnyConnect-VPN-Client-May-Block-CORS-AJAX-OPTIONS-Requests.htm

Uninstalling it all of a sudden allowed everything to work!