Yes, you can, by specifying an origin whitelist in Sinatra's options:
configure do
set :protection, :origin_whitelist => ['http://example.com']
end
Replace http://example.com
with the URL where you're sending the POST request from.
Question
Hi I have a static website hosted on AWS S3 and I would like to be able to send emails from the "Contact Us form on the page". Is it possible to have a Sinatra server running on a different domain, lets say Heroku that would handle the POST and send an email.
I have the email portion from Sinatra working but every time I POST on my local I get
WARN -- : attack prevented by Rack::Protection::HttpOrigin
My form is this <form action="http://localhost:4567/contact" method="post">
.
If I understand correctly this should work because I am not using JavaScript, but I am not sure.
Also, is it possible to have my static site auto redirect me to the index page or do I need to do that from Sinatra?
Thank you for your help.
Solution
Yes, you can, by specifying an origin whitelist in Sinatra's options:
configure do
set :protection, :origin_whitelist => ['http://example.com']
end
Replace http://example.com
with the URL where you're sending the POST request from.