Documentation ¶
Index ¶
- Variables
- type AllowOriginFunc
- type CORS
- func (c *CORS) AllowHeaders(headers ...string) *CORS
- func (c *CORS) AllowOriginFunc(fn AllowOriginFunc) *CORS
- func (c *CORS) DisallowCredentials() *CORS
- func (c *CORS) ExposeHeaders(headers ...string) *CORS
- func (c *CORS) ExtractOriginFunc(fn ExtractOriginFunc) *CORS
- func (c *CORS) HandleErrorFunc(fn HandleErrorFunc) *CORS
- func (c *CORS) Handler() iris.Handler
- func (c *CORS) MaxAge(d time.Duration) *CORS
- type ExtractOriginFunc
- type HandleErrorFunc
Constants ¶
This section is empty.
Variables ¶
var ( // ErrOriginNotAllowed is given to the error handler // when the error is caused because an origin was not allowed to pass through. ErrOriginNotAllowed = errors.New("origin not allowed") // AllowAnyOrigin allows all origins to pass. AllowAnyOrigin = func(_ iris.Context, _ string) bool { return true } // DefaultErrorHandler is the default error handler which // fires forbidden status (403) on disallowed origins. DefaultErrorHandler = func(ctx iris.Context, _ error) { ctx.StopWithStatus(iris.StatusForbidden) } // DefaultOriginExtractor is the default method which // an origin is extracted. It returns the value of the request's "Origin" header. DefaultOriginExtractor = func(ctx iris.Context) string { return ctx.GetHeader("Origin") } )
Functions ¶
This section is empty.
Types ¶
type AllowOriginFunc ¶
AllowOriginFunc describes the function which is called when the middleware decides if the request's origin should be allowed or not.
type CORS ¶
type CORS struct {
// contains filtered or unexported fields
}
CORS holds the customizations developers can do on the cors middleware.
Read more at: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS.
func New ¶
func New() *CORS
New returns the default CORS middleware. For a more advanced type of protection middleware with more options please refer to: https://github.com/iris-contrib/middleware repository instead.
func (*CORS) AllowHeaders ¶
AllowHeaders sets the "Access-Control-Allow-Headers" header value.
Read more at: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#access-control-allow-headers.
func (*CORS) AllowOriginFunc ¶
func (c *CORS) AllowOriginFunc(fn AllowOriginFunc) *CORS
AllowOriginFunc sets the function which decides if an origin(domain) is allowed to continue or not.
Read more at: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#access-control-allow-origin.
func (*CORS) DisallowCredentials ¶
DisallowCredentials sets the "Access-Control-Allow-Credentials" header to false.
Read more at: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#access-control-allow-credentials.
func (*CORS) ExposeHeaders ¶
ExposeHeaders sets the "Access-Control-Expose-Headers" header value.
Read more at: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#access-control-expose-headers.
func (*CORS) ExtractOriginFunc ¶
func (c *CORS) ExtractOriginFunc(fn ExtractOriginFunc) *CORS
ExtractOriginFunc sets the function which should return the request's origin.
func (*CORS) HandleErrorFunc ¶
func (c *CORS) HandleErrorFunc(fn HandleErrorFunc) *CORS
HandleErrorFunc sets the function which is called when an error of origin not allowed is fired.
type ExtractOriginFunc ¶
type ExtractOriginFunc = func(ctx iris.Context) string
ExtractOriginFunc describes the function which should return the request's origin.
type HandleErrorFunc ¶
type HandleErrorFunc = func(ctx iris.Context, err error)
HandleErrorFunc describes the function which is fired when a request by a specific (or empty) origin was not allowed to pass through.