Trouble with part 3 of Direct Uploads to S3

I am working through your Direct Uploads to S3 series and have run into a snag that I am hoping you can help with.

Everything has worked as advertised UNTIL I added the js in episode 3. Now I am getting the following error which I understand to be a defence against cross site scripting.

XMLHttpRequest cannot load https://triggerchicago.s3.amazonaws.com/. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://rails-tutorial-stallarida.c9users.io' is therefore not allowed access. The response had HTTP status code 403.

I have found a bunch of hacks to get it working but all seem to be questionable from a security standpoint. How did you get around this in your demo? I am hitting S3 from Cloud9 IDE.

Rails for Beginners

Advanced Ruby: Behind the Magic

Payments with Rails Master Class

Refactoring Rails

Learn Hotwire

Install and Deploy Rails Guides

Hatchbox.io

Jumpstart Rails SaaS Template

Remote Ruby Podcast

GoRails Open Source

Rails Hackathon

Beginner Bounties

Ruby on Rails Job Board

Notifications

Trouble with part 3 of Direct Uploads to S3

Want to stay up-to-date with Ruby on Rails?