Crate iron_cors[][src]

A CORS middleware for Iron with preflight support.

See for reference.


There are two modes available:

Mode 1: Whitelist

The user of the middleware must specify a list of allowed hosts (port or protocol aren't being checked by the middleware). If the Origin header is set on a request and if the value matches one of the allowed hosts, the Access-Control-Allow-Origin header for that host is added to the response.

Initialize the middleware with a HashSet of allowed host strings:

use std::collections::HashSet;
use iron_cors::CorsMiddleware;

let allowed_hosts = [""].iter()
let middleware = CorsMiddleware::with_whitelist(allowed_hosts);

See examples/ for a full usage example.

Mode 2: Allow Any

Alternatively, the user of the middleware can choose to allow requests from any origin. In that case, the Access-Control-Allow-Origin header is added to any request with an Origin header.

use iron_cors::CorsMiddleware;

let middleware = CorsMiddleware::with_allow_any();

See examples/ for a full usage example.



The struct that holds the CORS configuration.