Request origin not allowed: http://localhost:3001 when using Rails5 and ActionCable

You can put Rails.application.config.action_cable.allowed_request_origins = ['http://localhost:3001'] in your development.rb

See https://github.com/rails/rails/tree/master/actioncable#allowed-request-origins for more informations


From this answer, you can also add the following code to config/environments/development.rb to allow requests from both http and https:

Rails.application.configure do
  # ...

  config.action_cable.allowed_request_origins = [%r{https?://\S+}]
end

config.action_cable.allowed_request_origins accepts an array of strings or regular expressions as the documentation states:

Action Cable will only accept requests from specified origins, which are passed to the server config as an array. The origins can be instances of strings or regular expressions, against which a check for the match will be performed.

The regex listed below will match both http and https urls from any domain so be careful when using them. It is just a matter of preference which one to use.

  • [%r{https?://\S+}] # Taken from this answer
  • [%r{http[s]?://\S+}]
  • [%r{http://*}, %r{https://*}]
  • [/http:\/\/*/, /https:\/\/*/]