Crate iron_cors[−][src]
A CORS middleware for Iron with preflight support.
See https://www.html5rocks.com/static/images/cors_server_flowchart.png for reference.
Usage
There are two modes available:
Mode 1: Whitelist
The user of the middleware must specify a list of allowed hosts (port or
protocol aren't being checked by the middleware). If the Origin
header is
set on a request and if the value matches one of the allowed hosts, the
Access-Control-Allow-Origin
header for that host is added to the response.
Initialize the middleware with a HashSet
of allowed host strings:
use std::collections::HashSet; use iron_cors::CorsMiddleware; let allowed_hosts = ["example.com"].iter() .map(ToString::to_string) .collect::<HashSet<_>>(); let middleware = CorsMiddleware::with_whitelist(allowed_hosts);
See
examples/whitelist.rs
for a full usage example.
Mode 2: Allow Any
Alternatively, the user of the middleware can choose to allow requests from
any origin. In that case, the Access-Control-Allow-Origin
header is added
to any request with an Origin
header.
use iron_cors::CorsMiddleware; let middleware = CorsMiddleware::with_allow_any();
See
examples/allow_any.rs
for a full usage example.
Structs
CorsMiddleware |
The struct that holds the CORS configuration. |