Rails ActiveStorageDigitalOcean Spaces CORS

April 13, 2019 313 views
Ruby on Rails Ubuntu

I’m getting a CORS error when trying to upload an image to DigitalOcean Spaces, despite it working fine in development and test.

The error is as follows:

Access to XMLHttpRequest at 'https://vglist.sfo2.digitaloceanspaces.com/KaRtoiMSiLxFpJGQHg8ZrXrC' from origin 'https://vglist.co' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

1 Answer
connoshea April 13, 2019
Accepted Answer

So I figured out that the reason this wasn’t working is because I needed to set up CORS, and include some headers that Rails/Spaces needed. You need to go your DigitalOcean Spaces settings, then “Add” an Advanced CORS Configuration.

Set the URL to your domain (e.g. for me it’s https://vglist.co, then allow PUT/POST (not sure if any others are necessary?). Make sure to set the allowed headers Content-Type, Content-Length, and Content-Md5.

Hopefully that helps! I got stuck on this for a while, so I wanted to create a question and answer it here :)

See also, this issue in the Rails repo: https://github.com/rails/rails/issues/32581

Have another answer? Share your knowledge.