Ask A Question

Notifications

You’re not receiving notifications from this thread.

Trouble with part 3 of Direct Uploads to S3

scott tallarida asked in Rails

I am working through your Direct Uploads to S3 series and have run into a snag that I am hoping you can help with.

Everything has worked as advertised UNTIL I added the js in episode 3. Now I am getting the following error which I understand to be a defence against cross site scripting.

XMLHttpRequest cannot load https://triggerchicago.s3.amazonaws.com/. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://rails-tutorial-stallarida.c9users.io' is therefore not allowed access. The response had HTTP status code 403.

I have found a bunch of hacks to get it working but all seem to be questionable from a security standpoint. How did you get around this in your demo? I am hitting S3 from Cloud9 IDE.

Reply
Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 79,047+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more.

    © 2023 GoRails, LLC. All rights reserved.