Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Credentials

func Credentials()

Credentials sets the allow credentials response header.

Credentials must be used in an Origin expression.

Example:

Origin("http://swagger.goa.design", func() {
    Credentials()            // Sets Access-Control-Allow-Credentials header
})

func Expose

func Expose(vals ...string)

Expose sets the origin exposed headers.

Expose must appear in an Origin expression.

Example:

Origin("http://swagger.goa.design", func() {
    Expose("X-Time")               // One or more headers exposed to clients
})

func Headers

func Headers(vals ...string)

Headers sets the authorized headers. "*" authorizes all headers.

Headers must be used in an Origin expression.

Example:

Origin("http://swagger.goa.design", func() {
    Headers("X-Shared-Secret")
})

Origin("http://swagger.goa.design", func() {
    Headers("*")
})

func MaxAge

func MaxAge(val uint)

MaxAge sets the cache expiry for preflight request responses.

MaxAge must be used in an Origin expression.

Example:

Origin("http://swagger.goa.design", func() {
    MaxAge(600)            // How long to cache a preflight request response
})

func Methods

func Methods(vals ...string)

Methods sets the origin allowed methods.

Methods must be used in an Origin expression.

Example:

Origin("http://swagger.goa.design", func() {
    Methods("GET", "POST")           // One or more authorized HTTP methods
})

func Origin

func Origin(origin string, args ...interface{})

Origin defines the CORS policy for a given origin. The origin can use a wildcard prefix such as "https://*.mydomain.com". The special value "*" defines the policy for all origins (in which case there should be only one Origin DSL in the parent resource). The origin can also be a regular expression in which case it must be wrapped with "/".

Origin must appear in API or Service Expression.

Origin accepts an origin string as the first argument and an optional DSL function as the second argument.

Example:

import cors "goa.design/plugins/cors"

var _ = API("calc", func() {
    cors.Origin("http://swagger.goa.design", func() { // Define CORS policy, may be prefixed with "*" wildcard
        cors.Headers("X-Shared-Secret")  // One or more authorized headers, use "*" to authorize all
        cors.Methods("GET", "POST")      // One or more authorized HTTP methods
        cors.Expose("X-Time")            // One or more headers exposed to clients
        cors.MaxAge(600)                 // How long to cache a preflight request response
        cors.Credentials()               // Sets Access-Control-Allow-Credentials header
    })
})

var _ = Service("calculator", func() {
    cors.Origin("/(api|swagger)[.]goa[.]design/") // Define CORS policy with a regular expression

    Method("add", func() {
        Description("Add two operands")
        Payload(Operands)
        Error(ErrBadRequest, ErrorResult)
    })
})

Types

This section is empty.

Source Files