cors

package
v0.0.0-...-8488f5b Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 17, 2016 License: BSD-3-Clause, Apache-2.0 Imports: 5 Imported by: 0

README

cors wercker status

Martini middleware/handler to enable CORS support.

Usage

import (
  "github.com/go-martini/martini"
  "github.com/martini-contrib/cors"
)

func main() {
  m := martini.Classic()
  // CORS for https://foo.* origins, allowing:
  // - PUT and PATCH methods
  // - Origin header
  // - Credentials share
  m.Use(cors.Allow(&cors.Options{
    AllowOrigins:     []string{"https://*.foo.com"},
    AllowMethods:     []string{"PUT", "PATCH"},
    AllowHeaders:     []string{"Origin"},
    ExposeHeaders:    []string{"Content-Length"},
    AllowCredentials: true,
  }))
  m.Run()
}

You may alternatively prefer to allow CORS only for certain routes. Instead of using the CORS middleware app-wide, register it for the prefered routes. The following snippet demonstrates how to enable CORS for /api/books endpoint's PUT handler.

m := martini.Classic()
allowCORSHandler := cors.Allow(&cors.Options{
  AllowOrigins:     []string{"https://*.foo.com"},
  AllowMethods:     []string{"PUT", "PATCH"},
  AllowHeaders:     []string{"Origin"},
})

m.Put("/api/books", allowCORSHandler, func() string {
  // ...
})

Authors

Documentation

Overview

Package cors provides handlers to enable CORS support.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Options 

type Options struct {
	// If set, all origins are allowed.
	AllowAllOrigins bool
	// A list of allowed origins. Wild cards and FQDNs are supported.
	AllowOrigins []string
	// A func for determining if `origin` is allowed at request time
	ShouldAllowOrigin func(origin string, req *http.Request) bool
	// If set, allows to share auth credentials such as cookies.
	AllowCredentials bool
	// A list of allowed HTTP methods.
	AllowMethods []string
	// A list of allowed HTTP headers.
	AllowHeaders []string
	// A list of exposed HTTP headers.
	ExposeHeaders []string
	// Max age of the CORS headers.
	MaxAge time.Duration
}

Represents Access Control options.

func (*Options) Handler 

func (o *Options) Handler(next http.Handler) http.HandlerFunc

Allows CORS for requests those match the provided options.

func (*Options) Header 

func (o *Options) Header(origin string, req *http.Request) (headers map[string]string)

Converts options into CORS headers.

func (*Options) IsOriginAllowed 

func (o *Options) IsOriginAllowed(origin string, req *http.Request) (allowed bool)

Looks up if the origin matches one of the patterns generated from Options.AllowOrigins patterns.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.