Skip to main content

feagi_api/middleware/
cors.rs

1// Copyright 2025 Neuraville Inc.
2// SPDX-License-Identifier: Apache-2.0
3
4// CORS middleware for HTTP API
5
6use tower_http::cors::{Any, CorsLayer};
7
8/// Create CORS layer with permissive settings
9///
10/// This allows requests from any origin, which is appropriate for development
11/// and internal FEAGI deployments. For production, this should be configured
12/// via TOML config to restrict allowed origins.
13pub fn create_cors_layer() -> CorsLayer {
14    CorsLayer::new()
15        .allow_origin(Any)
16        .allow_methods(Any)
17        .allow_headers(Any)
18        .allow_credentials(false)
19}