Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

DOC: using this middleware for assets on heroku

See original GitHub issue

With Rails4 (maybe others too), heroku precompile the assets but, so… the middleware ActionDispatch::Static catch the request and respond very soon.

To define CORS for assets, don’t use config.middleware.use Rack::Cors, instead use config.middleware.insert_before ActionDispatch::Static, Rack::Cors to ensure thar CORS are applied before responding as static.

A typical scenario is “fonts” served as assets from heroku (not S3 synched), with cloudfront (or not) in the middle, requested from firefox (cors required).

I think is only necessary to update the documentation with this particular case, to avoid a lot of tears and pain to other developers.

Issue Analytics

  • State:closed
  • Created 10 years ago
  • Comments:14 (2 by maintainers)

github_iconTop GitHub Comments

2reactions
toobulkehcommented, Sep 25, 2014

Thanks Cyu, you rock! So I added this code to nginx: http://davidwalsh.name/cdn-fonts

  location ~* \.(eot|ttf|woff)$ {
    add_header Access-Control-Allow-Origin *;
  }

Which works when I query the Asset using CURL:

root@staging:/u/apps/test/current# curl -I https://staging.test.com/assets/fonts/snapy.woff
HTTP/1.1 200 OK
Server: nginx/1.2.6
Date: Thu, 25 Sep 2014 18:38:49 GMT
Content-Type: application/octet-stream
Content-Length: 11632
Last-Modified: Thu, 25 Sep 2014 17:49:34 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

It was still failing, but I had to let the nginx cache-out for it to work again from a different domain.

Thanks!

0reactions
amba178commented, May 12, 2016

this is the setting for my cors, and still does not work when deploying to heroku, any suggestions

config.middleware.insert_before ActionDispatch::Static, Rack::Cors, :debug => true, :logger => (-> { Rails.logger }) do allow do origins ‘’ resource ‘/cors’, :headers => :any, :methods => [:post], :credentials => true, :max_age => 0 resource '’, :headers => :any, :methods => [:get, :post, :delete, :put, :patch, :options, :head], :max_age => 0 end end

Read more comments on GitHub >

github_iconTop Results From Across the Web

Rails Asset Pipeline on Heroku
Caching of static assets can be implemented in-application using the Rack::Cache middleware or in a more distributed fashion with a CDN. Serving ...
Read more >
Django and Static Assets | Heroku Dev Center
Learn how to configure a Django application on Heroku properly to use static assets.
Read more >
Deploying Rack-based Apps - Heroku Dev Center
Using the Rack::Sendfile middleware will cause your file downloads to fail, because it sends a body with a Content-Length of 0. By default, ......
Read more >
Getting Started on Heroku with Rails 6.x
Creating, configuring, deploying and scaling Rails 6.x applications on Heroku, using Bundler dependency management.
Read more >
Wrenchmode | Heroku Dev Center
Using with Ruby ... For your Ruby/Rack project you will start by including the wrenchmode-rack gem. ... Finally, make sure to include the...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

rails-api & rails 4 not working with rack-cors?

Next page

uninitialized constant Rack::Cors