如何禁用cors？由于某種原因，我對允許的來源和標頭進行了通配符轉換，但我的ajax請求仍然抱怨我的CORS策略不允許該來源。我的應用程序控制器：class ApplicationController < ActionController::Base  protect_from_forgery  before_filter :current_user, :cors_preflight_check  after_filter :cors_set_access_control_headers# For all responses in this controller, return the CORS access control headers.def cors_set_access_control_headers  headers['Access-Control-Allow-Origin'] = '*'  headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'  headers['Access-Control-Allow-Headers'] = '*'  headers['Access-Control-Max-Age'] = "1728000"end# If this is a preflight OPTIONS request, then short-circuit the# request, return only the necessary headers and return an empty# text/plain.def cors_preflight_check  if request.method == :options    headers['Access-Control-Allow-Origin'] = '*'    headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'    headers['Access-Control-Allow-Headers'] = '*'    headers['Access-Control-Max-Age'] = '1728000'    render :text => '', :content_type => 'text/plain'  endend  private  # get the user currently logged in  def current_user    @current_user ||= User.find(session[:user_id]) if session[:user_id]  end  helper_method :current_userend路線：  match "*all" => "application#cors_preflight_check", :constraints => { :method => "OPTIONS" }  match "/alert" => "alerts#create"  match "/alerts" => "alerts#get"  match "/login" => "sessions#create"  match "/logout" => "sessions#destroy"  match "/register" => "users#create"編輯 - -我也嘗試過：   config.middleware.use Rack::Cors do      allow do        origins '*'        resource '*',             :headers => :any,             :methods => [:get, :post, :delete, :put, :options]      end    end在application.rb中-編輯2 ---問題是我認為Chrome擴展程序可能不支持CORS。如何繞過CORS獲取信息？我應該如何應對飛行前檢查？