angularjs - cross domain resource sharing with rails and angular.js -

cant understand how cors work rails

in routes.rb

resources :topics   resources :test    match '/topics' => 'topics#index', :constraints => {:method => 'options'}   match '/topics/:id' => 'topics#show', :constraints => {:method => 'options'} 

in application controller

after_filter :set_access_control_headers before_filter :cor def set_access_control_headers   headers['access-control-allow-origin'] = '*'   headers['access-control-request-method'] = 'post, get' end def cor   headers["access-control-allow-origin"] = "*"   headers["access-control-allow-methods"] = %w{get post put delete options}.join(",")   headers["access-control-allow-headers"] = %w{origin accept content-type x-requested-with x-csrf-token}.join(",")   head(:ok) if request.method == 'options' end 

in angular services.js

'use strict'; var services = angular.module('angapp.services', ['ngresource']);  services.factory('topic', ['$resource', function($resource) {     return $resource('http://localhost:port/topics.json', {},{     query: {method:'get', params:{ port:':3000'}, isarray:true} }); }]);  services.factory('singletopic', ['$resource', function($resource) {     return $resource('http://localhost:port/topics/:id.json', {id: '@id' },{     get: {method:'get', params:{ port:':3000', id:'id'}, isarray:false }}); }]);  services.factory('multitopicloader',['topic', '$q', function(topic, $q){     return function() {          var delay = $q.defer();         topic.query(function(topics){             delay.resolve(topics);         }, function() {             delay.reject('unable topics');         });      return delay.promise;    }; }]);  services.factory('topicloader', ['singletopic','$route','$q', function(singletopic, $route ,$q){     return function() {     var delay = $q.defer();     singletopic.get({id: $route.current.params.topicid}, function(topic){      delay.resolve(topic);        }, function(){         delay.reject('unable fetch', + $route.current.params.topicid)     });      return delay.promise; }; }]); 

every thing works fine. implemented cors per instructions here rails, backbone, phonegap, cors (not allowed access-control-allow-origin error) , http://www.tsheffler.com/blog/?p=428

i have questions here

when commented out or removed either resources :topics or match "/topics" not work. works when both match , resources statement present in routes.rb. dont know why rails requires both match , resource statement work cors .(i tried adding :constraints => {:method => 'options'} resources :topic , removing match => "/topics" not work) in rails 4 match function in depreciated. how can in rails 4 without 'match'

i can't understand cor , set_access_control_headers do. whether server responds headers in cor function initial request browser response , headers in set_access_control_headers in final response browser.

can explain 'options' regards 'cors' , how works rails. whats use of statement head(:ok) if request.method == 'options'