scott tallarida


250 Experience
2 Lessons Completed
0 Questions Solved


Posted in Trouble with part 3 of Direct Uploads to S3

I am working through your Direct Uploads to S3 series and have run into a snag that I am hoping you can help with.

Everything has worked as advertised UNTIL I added the js in episode 3. Now I am getting the following error which I understand to be a defence against cross site scripting.

XMLHttpRequest cannot load Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '' is therefore not allowed access. The response had HTTP status code 403.

I have found a bunch of hacks to get it working but all seem to be questionable from a security standpoint. How did you get around this in your demo? I am hitting S3 from Cloud9 IDE.

logo Created with Sketch.

Ruby on Rails tutorials, guides, and screencasts for web developers learning Ruby, Rails, Javascript, Turbolinks, Stimulus.js, Vue.js, and more. Icons by Icons8

© 2021 GoRails, LLC. All rights reserved.