Firefox and IE refuse to load webfonts if they're not loaded from the same domain the request came from. I'm attempting to use this gem to set the proper headers so they will accept the files.
Can this gem set access origin headers for assets in the /public directory of a Rails app?
I am wondering the same question. I have been testing it, and it doesn't seem to allow it.
You may need to set :credentials to false, if you are using a cdn and the cache populating request does not include the Origin header then the cdn will not have the cors headers. This may be a bug in rack-cors where public_resources that do not require credentials should send the cors headers even if no Origin is in the request.
(FYI Chrome does not seem to send the Origin header)
I see. Thanks for the message. I have found another gem that allows sending headers on different resources. https://github.com/thomasklemm/butler
It looks like all you have to do is make sure Rack::Cors middleware is defined before ActionDispatch::Static:
config.middleware.insert_before "ActionDispatch::Static", "Rack::Cors" do
:headers => :any,
:methods => [:get, :post, :delete, :put, :options],
:max_age => 0
I'm getting the same problem with Rails 4. I wonder if this is still applicable? Not seeing any headers being set at the moment.
What kind of stack are you running (unicorn, passenger, etc)? Also, what is the output of rake middleware and your Cors configuration?