fraiseql_core/config/
cors.rs

1//! Cross-Origin Resource Sharing (CORS) configuration.
2
3use serde::{Deserialize, Serialize};
4
5/// Cross-Origin Resource Sharing (CORS) configuration.
6#[derive(Debug, Clone, Serialize, Deserialize)]
7#[serde(default)]
8pub struct CorsConfig {
9    /// Enabled CORS.
10    pub enabled: bool,
11
12    /// Allowed origins. Empty = allow all, "*" = allow any.
13    pub allowed_origins: Vec<String>,
14
15    /// Allowed HTTP methods.
16    pub allowed_methods: Vec<String>,
17
18    /// Allowed headers.
19    pub allowed_headers: Vec<String>,
20
21    /// Headers to expose to the client.
22    pub expose_headers: Vec<String>,
23
24    /// Allow credentials (cookies, authorization headers).
25    pub allow_credentials: bool,
26
27    /// Preflight cache duration in seconds.
28    pub max_age_secs: u64,
29}
30
31impl Default for CorsConfig {
32    fn default() -> Self {
33        Self {
34            enabled:           true,
35            allowed_origins:   vec![], // Empty = allow all
36            allowed_methods:   vec!["GET".to_string(), "POST".to_string(), "OPTIONS".to_string()],
37            allowed_headers:   vec![
38                "Content-Type".to_string(),
39                "Authorization".to_string(),
40                "X-Request-ID".to_string(),
41            ],
42            expose_headers:    vec![],
43            allow_credentials: false,
44            max_age_secs:      86400, // 24 hours
45        }
46    }
47}
fraiseql_core/config/cors.rs

fraiseql_core/config/
cors.rs
