Use this if you don't care about CORS problems and never want to see them again.
Don't use this if you have more complex CORS policies.
CORS is a bitch. It's annoying when you just want to develop your application. You need to GET/POST/PUT/DELETE to some api in a browser but it's stopping you. Drop this rack middleware into your stack and make that it work.
Access-Control-Accept-Origin: *.Access-Control-Request-Method for
Access-Control-Allow-Method for preflight requests.Access-Control-Request-Headers for
Access-Control-Allow-Headers for preflight requests.Access-Control-Expose-Headers.Access-Control-Accept-Headers.Access-Control-Accept-Origin: * to simple requests.CORS preflight requests are sent as OPTIONS requests to whatever URL the
request will made to. Browsers add Access-Control-Request-Method and
Access-Control-Request-Headersto these requests. The middleware short
circuit these reqeusts to return the CORS response. So be warned: If
your application accepts OPTIONS for routing then you should not use
this code.
Add this line to your application's Gemfile:
gem 'manifold'
And then execute:
$ bundle
Or install it yourself as:
$ gem install manifold
# config.ru
require 'manifold'
Manifold.expose += %w(X-Custom-Header)
use Manifold::Middleware
run MyApp
Manifold integrates cleanly with Rails. It inserts it's middleware at
the top of the stack and exposes it's configuration through
Rails.config. Manifold also add exposes headers added by Rails for
CORS.
# application.rb
config.manifold.accept += %w(X-Custom-Input-Header) # add custom headers you need
config.manifold.expose += %(X-Custom-Output-Header)
git checkout -b my-new-feature)git commit -am 'Added some feature')git push origin my-new-feature)FAQs
Unknown package
We found that manifold demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A new site reviews software projects to reveal if they’re truly FOSS, making complex licensing and distribution models easy to understand.
Security News
Astral unveils pyx, a Python-native package registry in beta, designed to speed installs, enhance security, and integrate deeply with uv.
Security News
The Latio podcast explores how static and runtime reachability help teams prioritize exploitable vulnerabilities and streamline AppSec workflows.