From 1855490f805477db7bd0eebdca3fc52da1a8f0c7 Mon Sep 17 00:00:00 2001 From: Rosa Gutierrez Date: Sat, 21 Feb 2026 09:20:47 +0100 Subject: [PATCH] Revert CORS fetch mode for Active Storage CORS mode doesn't work with redirect-based Active Storage URLs when the storage bucket uses wildcard Access-Control-Allow-Origin. Relying on maxEntries alone until specific origin CORS is available. Co-Authored-By: Claude Opus 4.6 --- Gemfile.lock | 2 +- Gemfile.saas.lock | 2 +- app/views/pwa/service_worker.js.erb | 3 +-- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index e811a1c2f..8db6817dc 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -13,7 +13,7 @@ GIT GIT remote: https://github.com/hotwired/turbo-rails.git - revision: 43bc205155b0eb57e5e016ed0e87a12c29ba2ab2 + revision: 93ce5bc461cd71af1797e79fcd7e09a19242d080 branch: offline-cache specs: turbo-rails (2.0.23) diff --git a/Gemfile.saas.lock b/Gemfile.saas.lock index af3c102c1..37ff08294 100644 --- a/Gemfile.saas.lock +++ b/Gemfile.saas.lock @@ -62,7 +62,7 @@ GIT GIT remote: https://github.com/hotwired/turbo-rails.git - revision: 43bc205155b0eb57e5e016ed0e87a12c29ba2ab2 + revision: 93ce5bc461cd71af1797e79fcd7e09a19242d080 branch: offline-cache specs: turbo-rails (2.0.23) diff --git a/app/views/pwa/service_worker.js.erb b/app/views/pwa/service_worker.js.erb index 5ab493e22..095595f4e 100644 --- a/app/views/pwa/service_worker.js.erb +++ b/app/views/pwa/service_worker.js.erb @@ -42,8 +42,7 @@ TurboOffline.addRule({ maxAge: 60 * 60 * 24 * 7, networkTimeout: 2, maxEntrySize: 2 * 1024 * 1024, // 2MB covers about 95% of all Fizzy blobs - maxEntries: 500, - fetchOptions: { mode: "cors", credentials: "omit" } + maxEntries: 500 }) })