I'm working on a API-Server with Rails 3 wich is pretty handy so far but I'm running across a error all the time and I'm not sure wether it is because of my Apache Setup or the Rails App.
When I try to do a HTTP DELETE or PUT request on http://sample.domain/uri/id via XHR, curl or HTTP-Client.app Rails or Apache responds with 404 or 403 (depends on the client. I think because of cors) and the Safari developer console responds with
XMLHttpRequest cannot load http://sample.domain/uri/id. Origin http://web.client/ is not allowed by Access-Control-Allow-Origin.
I'm using mod_rack aka mod_rails on a Apache2 and my vhost actually contains this:
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods POST,GET,DELETE,PUT,OPTIONS
Header set Access-Control-Allow-Headers X-Requested-With
The Apache error_log responds with the following error:
[Sat Oct 30 01:37:34 2010] [error] [client 22.222.222.22] client denied by server configuration: /path/to/rails/folder/public, referer: http://web.client/
Rails development.log responds with
Started OPTIONS "/uri/id" for 84.190.123.140 at 2010-10-30 03:18:42 +0200
ActionController::RoutingError (No route matches "/uri/id"):
And here I'm nor sure why the OPTIONS call comes trough because I thought this would only be the preflight and for sure there is no route for OPTIONS because I want to respond to DELETE
If you have any idea on how to fix this problem please share it with me.
Thank you very much David
In *nix systems you need first to include/enable "Headers" module in apache
sudo a2enmod headers
then, you need to include in your vhost the following line :
Header set Access-Control-Allow-Origin: "*"