CORS Middleware for Iron
A CORS Middleware for Iron.
See https://www.html5rocks.com/static/images/cors_server_flowchart.png for reference.
The middleware will return HTTP 400 Bad Request
if the origin host is missing
or not allowed.
Preflight requests are not yet supported. Neither is it currently possible to simply allow any origin host.
Currently, the user of the middleware must specify a list of allowed hosts
(port or protocol aren't being checked by the middleware). The wrapped handler
will only be executed if the hostname in the Origin
header matches one of the
allowed hosts.
Usage
Initialize the middleware with a vector of allowed host strings:
extern crate iron_cors;
use CorsMiddleware;
let allowed_hosts = vec!;
let middleware = new;
See examples/hello_world.rs
for a full usage example.
License
Licensed under either of
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT) at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.