cors

package module
v0.0.0-...-553b920 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 16, 2014 License: Apache-2.0 Imports: 5 Imported by: 70

README

cors wercker status

Martini middleware/handler to enable CORS support.

Usage

import (
  "github.com/go-martini/martini"
  "github.com/martini-contrib/cors"
)

func main() {
  m := martini.Classic()
  // CORS for https://foo.* origins, allowing:
  // - PUT and PATCH methods
  // - Origin header
  // - Credentials share
  m.Use(cors.Allow(&cors.Options{
    AllowOrigins:     []string{"https://*.foo.com"},
    AllowMethods:     []string{"PUT", "PATCH"},
    AllowHeaders:     []string{"Origin"},
    ExposeHeaders:    []string{"Content-Length"},
    AllowCredentials: true,
  }))
  m.Run()
}

You may alternatively prefer to allow CORS only for certain routes. Instead of using the CORS middleware app-wide, register it for the prefered routes. The following snippet demonstrates how to enable CORS for /api/books endpoint's PUT handler.

m := martini.Classic()
allowCORSHandler := cors.Allow(&cors.Options{
  AllowOrigins:     []string{"https://*.foo.com"},
  AllowMethods:     []string{"PUT", "PATCH"},
  AllowHeaders:     []string{"Origin"},
})

m.Put("/api/books", allowCORSHandler, func() string {
  // ...
})

Authors

Documentation

Overview

Package cors provides handlers to enable CORS support.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Allow 

func Allow(opts *Options) http.HandlerFunc

Allow enables CORS for requests those match the provided options.

Types

type Options 

type Options struct {
	// If set, all origins are allowed.
	AllowAllOrigins bool
	// A list of allowed origins. Wild cards and FQDNs are supported.
	AllowOrigins []string
	// If set, allows to share auth credentials such as cookies.
	AllowCredentials bool
	// A list of allowed HTTP methods.
	AllowMethods []string
	// A list of allowed HTTP headers.
	AllowHeaders []string
	// A list of exposed HTTP headers.
	ExposeHeaders []string
	// Max age of the CORS headers.
	MaxAge time.Duration
}

Options represents Access Control options.

func (*Options) Header 

func (o *Options) Header(origin string) (headers map[string]string)

Header converts options into CORS headers.

func (*Options) IsOriginAllowed 

func (o *Options) IsOriginAllowed(origin string) (allowed bool)

IsOriginAllowed looks up if the origin matches one of the patterns generated from Options.AllowOrigins patterns.

func (*Options) PreflightHeader 

func (o *Options) PreflightHeader(origin, rMethod, rHeaders string) (headers map[string]string)

PreflightHeader converts options into CORS headers for a preflight response.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.