POST, CORS and Turbo

[curtis741]

If your using Turbo, you might see this behavior when trying to follow the redirect from Omniauth:

Where the browser POST's to the Rails server, gets the 302 redirect to Okta but then fails on CORs verification. This happens when you are using Turbo in your rails app and to fix it you should make a login button like this:

<%= button_to "Login via Okta", user_okta_omniauth_authorize_path, method: :post, form: {"data-turbo" => "false"}%>

I figured this out by following what this comment said:
hotwired/turbo#45 (comment)

This might be worth putting in the readme as a weird gotcha?

[januszm]

Life saver! PS. using the "new" (1.9 so not that new) Ruby syntax:

<%=
  button_to "Login via Okta", user_okta_omniauth_authorize_path, method: :post, data: { turbo: false }
%>