cors

package module
v0.0.0-...-009da12 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 30, 2016 License: MIT Imports: 5 Imported by: 1

README

cors

Package cors is a handler for the core.
It provides Cross-Origin Resource Sharing support.

GoDoc

Documentation

Overview

Package cors is a handler for the core (https://godoc.org/github.com/volatile/core). It provides Cross-Origin Resource Sharing support.

Usage

When using CORS (globally or locally), there is always a parameter of type OriginsMap. It can contain a map of allowed origins and their specific options.

Use nil to allow all headers, methods and origins: 

cors.Use(nil)

Use nil for origin to allow all headers and methods for this origin. 

cors.Use(&cors.OriginsMap{
	"example.com": nil,
})

Use AllOrigins to set options for all origins. 

cors.Use(&cors.OriginsMap{
	"example.com": nil, // All is allowed for this origin.
	cors.AllOrigins: &cors.Options{
		AllowedMethods: []string{"GET"}, // Only the GET method is allowed for the others.
	},
})

Global usage

Use sets a global CORS configuration for all the handlers downstream: 

cors.Use(nil)

// All is allowed for the root path.
core.Use(func(c *core.Context) {
	if c.Request.URL.Path == "/" {
		fmt.Fprint(c.ResponseWriter, "Hello, World!")
	} else {
		c.Next()
	}
})

// Previous CORS options are overwritten.
cors.Use(&cors.OriginsMap{
	cors.AllOrigins: &cors.Options{
		AllowedMethods: []string{"GET"},
	},
})

// Only the GET method is allowed for this handler.
core.Use(func(c *core.Context) {
	fmt.Fprint(c.ResponseWriter, "Read only")
})

Make sure to include the handler above any other handler that alter the response body.

Local usage

LocalUse sets CORS locally, inside a single handler. This setting takes precedence over he global CORS options (if set). 

core.Use(func(c *core.Context) {
	cors.LocalUse(c, &cors.OriginsMap{
		cors.AllOrigins: &cors.Options{AllowedMethods: []string{"GET"}},
	}, func() {
		response.Status(c, http.StatusOK)
	})
})

Documentation

For more information: 

W3C		http://www.w3.org/TR/cors/
Mozilla		https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
HTML5 Rocks	http://www.html5rocks.com/en/tutorials/cors/

Index

Constants

View Source 
const AllOrigins = "*"

AllOrigins is the wildcard.

Variables

This section is empty.

Functions

func LocalUse 

func LocalUse(c *core.Context, origins *OriginsMap, handler func())

LocalUse sets CORS locally, inside a single handler. This setting takes precedence over he global CORS options (if set).

func Use 

func Use(origins *OriginsMap)

Use adds a handler to the default handlers stack. It sets a global CORS configuration for all the handlers downstream.

Types

type Options 

type Options struct {
	AllowedHeaders     []string      // AllowedHeaders indicates, in the case of a preflight request, which headers can be used during the actual request. If none are set, all are allowed.
	AllowedMethods     []string      // AllowedMethods indicates, in the case of a preflight request, which methods can be used during the actual request. If none are set, all are allowed.
	CredentialsAllowed bool          // CredentialsAllowed indicates whether the request can include user credentials like cookies, HTTP authentication or client side SSL certificates.
	ExposedHeaders     []string      // ExposedHeaders whitelists headers that browsers are allowed to access.
	MaxAge             time.Duration // MaxAge indicates how long the results of a preflight request can be cached.
}

Options represents access control options for an origin.

type OriginsMap 

type OriginsMap map[string]*Options

OriginsMap represents the allowed origins with their respective options.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.