My apologies, I should have included
# cross origin policy rack middleware
gem 'rack-cors', require: 'rack/cors'
and here is what my cors initializer looks like
Rails.application.config.middleware.insert_before 0, "Rack::Cors", debug: true, logger: (-> { Rails.logger }) do
allow do
origins 'originoftheemberapp', 'anotheremberapporigin'
resource '*',
headers: :any,
methods: [:get, :post, :delete, :put, :options, :head],
credentials: true,
max_age: 0
end
end
Let me know if that does it for you. I think I picked out the important bits but I maybe missing something. This is also assuming you’re not using cookies for auth. If you are then you need to also include
Ember.$.ajaxSetup(
crossDomain: true
xhrFields:
withCredentials: true <-- this bit
)
and I think you need this too but it maybe redundant
ApplicationAdapter = DS.ActiveModelAdapter.extend(
corsWithCredentials: true <-- this bit
)
If you’re using devise cookie based sessions and ember-simple-auth this may also be interesting WARNING this is not the default way to use simple-auth and devise