CORS Support

Enable CORS

Add rack-cors to your Gemfile


gem "rack-cors"

Add the following initializer:


Jets.application.config.middleware.insert_before 0, Rack::Cors do
  allow do
    origins '*'
    resource '*', headers: :any, methods: [:get, :post, :patch, :put]

Testing CORS

Here’s a curl command example to help test that CORS is working.

$ curl -H "Origin:" \
    -H "Access-Control-Request-Method: POST" \
    -H "Access-Control-Request-Headers: X-Requested-With" \
    -X OPTIONS --verbose \ 2>&1 | grep '< HTTP'
< HTTP/2 200

You should expect a 200 reponse code.

CORS Handling

CORS support is handled differently from Jets v5 vs Jets v5.

  • In Jets v5, CORS support is handled by the Jets Framework and rack-cors instead of at the API Gateway level.
  • In Jets v4: CORS Support was handled with the API Gateway.

The reasons for this:

  • It allows you to also check CORS support locally.
  • It simplifies the implementation.
  • rack-cors is more configurable and powerful.

Note: CORS is only supported for