cors: github.com/rs/cors Index | Files | Directories

package cors

import "github.com/rs/cors"

Package cors is net/http handler to handle CORS related requests as defined by http://www.w3.org/TR/cors/

You can configure it by passing an option struct to cors.New:

c := cors.New(cors.Options{
    AllowedOrigins:   []string{"foo.com"},
    AllowedMethods:   []string{http.MethodGet, http.MethodPost, http.MethodDelete},
    AllowCredentials: true,
})

Then insert the handler in the chain:

handler = c.Handler(handler)

See Options documentation for more options.

The resulting handler is a standard net/http handler.

Index

Package Files

cors.go utils.go

type Cors Uses

type Cors struct {
    // Debug logger
    Log Logger
    // contains filtered or unexported fields
}

Cors http handler

func AllowAll Uses

func AllowAll() *Cors

AllowAll create a new Cors handler with permissive configuration allowing all origins with all standard methods with any header and credentials.

func Default Uses

func Default() *Cors

Default creates a new Cors handler with default options.

func New Uses

func New(options Options) *Cors

New creates a new Cors handler with the provided options.

func (*Cors) Handler Uses

func (c *Cors) Handler(h http.Handler) http.Handler

Handler apply the CORS specification on the request, and add relevant CORS headers as necessary.

func (*Cors) HandlerFunc Uses

func (c *Cors) HandlerFunc(w http.ResponseWriter, r *http.Request)

HandlerFunc provides Martini compatible handler

func (*Cors) ServeHTTP Uses

func (c *Cors) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)

Negroni compatible interface

type Logger Uses

type Logger interface {
    Printf(string, ...interface{})
}

Logger generic interface for logger

type Options Uses

type Options struct {
    // AllowedOrigins is a list of origins a cross-domain request can be executed from.
    // If the special "*" value is present in the list, all origins will be allowed.
    // An origin may contain a wildcard (*) to replace 0 or more characters
    // (i.e.: http://*.domain.com). Usage of wildcards implies a small performance penalty.
    // Only one wildcard can be used per origin.
    // Default value is ["*"]
    AllowedOrigins []string
    // AllowOriginFunc is a custom function to validate the origin. It take the origin
    // as argument and returns true if allowed or false otherwise. If this option is
    // set, the content of AllowedOrigins is ignored.
    AllowOriginFunc func(origin string) bool
    // AllowOriginRequestFunc is a custom function to validate the origin. It takes the HTTP Request object and the origin as
    // argument and returns true if allowed or false otherwise. If this option is set, the content of `AllowedOrigins`
    // and `AllowOriginFunc` is ignored.
    AllowOriginRequestFunc func(r *http.Request, origin string) bool
    // AllowedMethods is a list of methods the client is allowed to use with
    // cross-domain requests. Default value is simple methods (HEAD, GET and POST).
    AllowedMethods []string
    // AllowedHeaders is list of non simple headers the client is allowed to use with
    // cross-domain requests.
    // If the special "*" value is present in the list, all headers will be allowed.
    // Default value is [] but "Origin" is always appended to the list.
    AllowedHeaders []string
    // ExposedHeaders indicates which headers are safe to expose to the API of a CORS
    // API specification
    ExposedHeaders []string
    // MaxAge indicates how long (in seconds) the results of a preflight request
    // can be cached
    MaxAge int
    // AllowCredentials indicates whether the request can include user credentials like
    // cookies, HTTP authentication or client side SSL certificates.
    AllowCredentials bool
    // OptionsPassthrough instructs preflight to let other potential next handlers to
    // process the OPTIONS method. Turn this on if your application handles OPTIONS.
    OptionsPassthrough bool
    // Debugging flag adds additional output to debug server side CORS issues
    Debug bool
}

Options is a configuration container to setup the CORS middleware.

Directories

PathSynopsis
wrapper/ginPackage cors/wrapper/gin provides gin.HandlerFunc to handle CORS related requests as a wrapper of github.com/rs/cors handler.

Package cors imports 5 packages (graph) and is imported by 1408 packages. Updated 2020-06-26. Refresh now. Tools for package owners.