cors

package module
v0.0.0-...-f62204b Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 6, 2023 License: Apache-2.0 Imports: 7 Imported by: 1

README

cors

Package cors is a middleware that handles CORS requests & headers for Macaron.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CORS

func CORS(options ...Options) macaron.Handler

CORS responds to preflight requests with adequat access-control-* respond headers https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin https://fetch.spec.whatwg.org/#cors-protocol-and-credentials

func Version

func Version() string

Version returns the version of this module

Types

type Options

type Options struct {
	Section          string
	Scheme           string
	AllowDomain      []string
	AllowSubdomain   bool
	Methods          []string
	AllowHeaders     []string
	ExposeHeaders    []string
	MaxAgeSeconds    int
	AllowCredentials bool
}

Options to configure the CORS middleware read from the cors section of the ini configuration file.

SCHEME may be http or https as accepted schemes or the '*' wildcard to accept any scheme.

ALLOW_DOMAIN may be a comma separated list of domains that are allowed to run CORS requests Special values are the a single '*' wildcard that will allow any domain to send requests without credentials and the special '!*' wildcard which will reply with requesting domain in the 'access-control-allow-origin' header and hence allow requess from any domain *with* credentials.

ALLOW_SUBDOMAIN set to true accepts requests from any subdomain of ALLOW_DOMAIN.

METHODS may be a comma separated list of HTTP-methods to be accepted.

MAX_AGE_SECONDS may be the duration in secs for which the response is cached (default 600). ref: https://stackoverflow.com/questions/54300997/is-it-possible-to-cache-http-options-response?noredirect=1#comment95790277_54300997 ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age

ALLOW_CREDENTIALS set to false rejects any request with credentials.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL