Struct corsware::CorsMiddleware

pub struct CorsMiddleware {
    pub allowed_origins: AllowedOrigins,
    pub allowed_methods: Vec<Method>,
    pub allowed_headers: Vec<UniCase<String>>,
    pub exposed_headers: Vec<UniCase<String>>,
    pub allow_credentials: bool,
    pub max_age_seconds: u32,
    pub prefer_wildcard: bool,
}

An Iron middleware implementing CORS.

Note: Not using Vec<Header> to represent headers since the Iron Header type is representing a Key=Value pair and not just the key. In other words, the Header type represents an instance of a HTTP header. What we need here is something representing the type of header. Since the Header trait defines a a method fn header_name() -> &'static str, we conclude that Iron uses strings to represent this.

Simple Example

extern crate iron;
extern crate corsware;
use corsware::CorsMiddleware;
use iron::prelude::*;
use iron::status;

fn main() {
  let handler = |_: &mut Request| {
      Ok(Response::with((status::Ok, "Hello world!")))
  };
  let mut chain = Chain::new(handler);
  chain.link_around(CorsMiddleware::permissive());
  let mut listening = Iron::new(chain).http("localhost:0").unwrap();
  listening.close().unwrap();
}

A More Elaborate Example

extern crate iron;
extern crate corsware;
use corsware::{CorsMiddleware, AllowedOrigins, UniCase};
use iron::method::Method::{Get,Post};
use iron::prelude::*;
use iron::status;

fn main() {
  let handler = |_: &mut Request| {
      Ok(Response::with((status::Ok, "Hello world!")))
  };
  let cors = CorsMiddleware {
    allowed_origins : AllowedOrigins::Any { allow_null: false },
    allowed_headers: vec![UniCase("Content-Type".to_owned())],
    allowed_methods : vec![ Get, Post ],
    exposed_headers: vec![],
    allow_credentials: false,
    max_age_seconds: 60 * 60,
    prefer_wildcard: true
  };

  let chain = cors.decorate(handler);
  let mut listening = Iron::new(chain).http("localhost:0").unwrap();
  listening.close().unwrap();
}

Fields

allowed_origins: AllowedOrigins

The origins which are allowed to access this resource

allowed_methods: Vec<Method>

The methods allowed to perform on this resource

allowed_headers: Vec<UniCase<String>>

The headers allowed to send to this resource

exposed_headers: Vec<UniCase<String>>

The headers allowed to read from the response from this resource

allow_credentials: bool

Whether to allow clients to send cookies to this resource or not

max_age_seconds: u32

Defines the max cache lifetime for operations allowed on this resource

prefer_wildcard: bool

If set, wildcard ('*') will be used as value for AccessControlAllowOrigin if possible. If not set, echoing the incoming origin will be preferred. If credentials are allowed, echoing will always be used.

Methods

impl CorsMiddleware

fn permissive() -> CorsMiddleware

New middleware with sensible permissive settings. Allows any origin. Allows all standard HTTP methods. Allows common request headers (as defined by common_req_headers(). Does not expose any headers. Does not allow credentials. Sets MaxAge to 60 minutes.

fn decorate<T: Handler>(self, handler: T) -> Chain

Util function for wrapping the supplied handler with this CorsMiddleware. Works by constructing a chain with only this middleware linked.

Trait Implementations

impl Clone for CorsMiddleware

fn clone(&self) -> CorsMiddleware

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl AroundMiddleware for CorsMiddleware

fn around(self, handler: Box<Handler>) -> Box<Handler>

Produce a Handler from this AroundMiddleware given another Handler.