Ask A Question

Notifications

You’re not receiving notifications from this thread.

Trouble with part 3 of Direct Uploads to S3

scott tallarida asked in Rails

I am working through your Direct Uploads to S3 series and have run into a snag that I am hoping you can help with.

Everything has worked as advertised UNTIL I added the js in episode 3. Now I am getting the following error which I understand to be a defence against cross site scripting.

XMLHttpRequest cannot load https://triggerchicago.s3.amazonaws.com/. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://rails-tutorial-stallarida.c9users.io' is therefore not allowed access. The response had HTTP status code 403.

I have found a bunch of hacks to get it working but all seem to be questionable from a security standpoint. How did you get around this in your demo? I am hitting S3 from Cloud9 IDE.

Reply
Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 82,969+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.