Fix CORS issues when using minio in development (#2814)

Move MinIO from minio.localhost to minio.fizzy.localhost, which makes
it same-site with the app, so the CORS redirect succeeds.

The service worker fetches Active Storage URLs with `mode: "cors"` so
it can inspect response sizes for offline caching. Active Storage's
redirect controller returns a 302 to the MinIO presigned URL. When
that redirect crosses site boundaries (from fizzy.localhost to
minio.localhost), the browser sets the Origin header to "null" on the
redirected request per the Fetch spec, which fails the CORS check and
produces net::ERR_FAILED.
This commit is contained in:
Mike Dalessio
2026-04-08 16:06:38 -04:00
committed by GitHub
parent 7bd3df33b8
commit 45d165749f
3 changed files with 4 additions and 4 deletions
+2 -2
View File
@@ -34,8 +34,8 @@ Rails.application.configure do
# Store uploaded files on the local file system (see config/storage.yml for options).
if Rails.root.join("tmp/minio-dev.txt").exist?
config.active_storage.service = :devminio
config.x.content_security_policy.connect_src = "http://minio.localhost:39000"
config.x.content_security_policy.img_src = "http://minio.localhost:39000"
config.x.content_security_policy.connect_src = "http://minio.fizzy.localhost:39000"
config.x.content_security_policy.img_src = "http://minio.fizzy.localhost:39000"
else
config.active_storage.service = :local
end
+1 -1
View File
@@ -9,7 +9,7 @@ local:
devminio:
service: S3
bucket: fizzy-dev-activestorage
endpoint: "http://minio.localhost:39000"
endpoint: "http://minio.fizzy.localhost:39000"
force_path_style: true
request_checksum_calculation: when_required # default is when_supported with CRC64NVME checksum which FlashBlade doesn't support
response_checksum_validation: when_required # default is when_supported with CRC64NVME checksum which FlashBlade doesn't support