Trouble with part 3 of Direct Uploads to S3

scott tallarida asked December 3, 2016 5:21pm in Rails

scott tallarida December 3, 2016 5:21pm

I am working through your Direct Uploads to S3 series and have run into a snag that I am hoping you can help with.

Everything has worked as advertised UNTIL I added the js in episode 3. Now I am getting the following error which I understand to be a defence against cross site scripting.

XMLHttpRequest cannot load https://triggerchicago.s3.amazonaws.com/. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://rails-tutorial-stallarida.c9users.io' is therefore not allowed access. The response had HTTP status code 403.

I have found a bunch of hacks to get it working but all seem to be questionable from a security standpoint. How did you get around this in your demo? I am hitting S3 from Cloud9 IDE.

Join the discussion

Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more. Icons by Icons8

Courses

Rails for Beginners

Advanced Ruby: Behind the Magic

Payments with Rails Master Class

Refactoring Rails

Apps

Hatchbox.io

Jumpstart Rails SaaS Template

Other

Remote Ruby Podcast

Rails Hackathon

Beginner Bounties

Ruby on Rails Job Board

Notifications

Trouble with part 3 of Direct Uploads to S3

Want to stay up-to-date with Ruby on Rails?

Solutions

Support

Company

Legal