[][src]Struct rocket_cors::CorsOptions

pub struct CorsOptions {
    pub allowed_origins: AllowedOrigins,
    pub allowed_methods: AllowedMethods,
    pub allowed_headers: AllowedHeaders,
    pub allow_credentials: bool,
    pub expose_headers: HashSet<String>,
    pub max_age: Option<usize>,
    pub send_wildcard: bool,
    pub fairing_route_base: String,
    pub fairing_route_rank: isize,
}

Configuration options for CORS request handling.

You create a new copy of this struct by defining the configurations in the fields below. This struct can also be deserialized by serde with the serialization feature which is enabled by default.

Default is implemented for this struct. The default for each field is described in the docuementation for the field.

Before you can use this with Rocket, you will need to call the CorsOptions::to_cors method.

Examples

You can run an example from the repository to demonstrate the JSON serialization with cargo run --example json.

Pure default

let default = rocket_cors::CorsOptions::default();

JSON Examples

Default

{
  "allowed_origins": "All",
  "allowed_methods": [
    "POST",
    "PATCH",
    "PUT",
    "DELETE",
    "HEAD",
    "OPTIONS",
    "GET"
  ],
  "allowed_headers": "All",
  "allow_credentials": false,
  "expose_headers": [],
  "max_age": null,
  "send_wildcard": false,
  "fairing_route_base": "/cors",
  "fairing_route_rank": 0
}

Defined

{
  "allowed_origins": {
    "Some": {
        "exact": ["https://www.acme.com"],
        "regex": ["^https://www.example-[A-z0-9]*.com$"]
    }
  },
  "allowed_methods": [
    "POST",
    "DELETE",
    "GET"
  ],
  "allowed_headers": {
    "Some": [
      "Accept",
      "Authorization"
    ]
  },
  "allow_credentials": true,
  "expose_headers": [
    "Content-Type",
    "X-Custom"
  ],
  "max_age": 42,
  "send_wildcard": false,
  "fairing_route_base": "/mycors"
}

Fields

allowed_origins: AllowedOrigins

Origins that are allowed to make requests. Will be verified against the Origin request header.

When All is set, and send_wildcard is set, "*" will be sent in the Access-Control-Allow-Origin response header. Otherwise, the client's Origin request header will be echoed back in the Access-Control-Allow-Origin response header.

When Some is set, the client's Origin request header will be checked in a case-sensitive manner.

This is the list of origins in the Resource Processing Model.

Defaults to All.

allowed_methods: AllowedMethods

The list of methods which the allowed origins are allowed to access for non-simple requests.

This is the list of methods in the Resource Processing Model.

Defaults to [GET, HEAD, POST, OPTIONS, PUT, PATCH, DELETE]

allowed_headers: AllowedHeaders

The list of header field names which can be used when this resource is accessed by allowed origins.

If All is set, whatever is requested by the client in Access-Control-Request-Headers will be echoed back in the Access-Control-Allow-Headers header.

This is the list of headers in the Resource Processing Model.

Defaults to All.

allow_credentials: bool

Allows users to make authenticated requests. If true, injects the Access-Control-Allow-Credentials header in responses. This allows cookies and credentials to be submitted across domains.

This CANNOT be used in conjunction with allowed_origins set to All and send_wildcard set to true. Depending on the mode of usage, this will either result in an Error::CredentialsWithWildcardOrigin error during Rocket launch or runtime.

Defaults to false.

expose_headers: HashSet<String>

The list of headers which are safe to expose to the API of a CORS API specification. This corresponds to the Access-Control-Expose-Headers responde header.

This is the list of exposed headers in the Resource Processing Model.

This defaults to an empty set.

max_age: Option<usize>

The maximum time for which this CORS request maybe cached. This value is set as the Access-Control-Max-Age header.

This defaults to None (unset).

send_wildcard: bool

If true, and the allowed_origins parameter is All, a wildcard Access-Control-Allow-Origin response header is sent, rather than the request’s Origin header.

This is the supports credentials flag in the Resource Processing Model.

This CANNOT be used in conjunction with allowed_origins set to All and allow_credentials set to true. Depending on the mode of usage, this will either result in an Error::CredentialsWithWildcardOrigin error during Rocket launch or runtime.

Defaults to false.

fairing_route_base: String

When used as Fairing, Cors will need to redirect failed CORS checks to a custom route mounted by the fairing. Specify the base of the route so that it doesn't clash with any of your existing routes.

Defaults to "/cors"

fairing_route_rank: isize

When used as Fairing, Cors will need to redirect failed CORS checks to a custom route mounted by the fairing. Specify the rank of the route so that it doesn't clash with any of your existing routes. Remember that a higher ranked route has lower priority.

Defaults to 0

Methods

impl CorsOptions[src]

pub fn validate(&self) -> Result<(), Error>[src]

Validates if any of the settings are disallowed, incorrect, or illegal

pub fn to_cors(&self) -> Result<Cors, Error>[src]

Creates a Cors struct that can be used to respond to requests or as a Rocket Fairing

Trait Implementations

impl PartialEq<CorsOptions> for CorsOptions[src]

impl Clone for CorsOptions[src]

fn clone_from(&mut self, source: &Self)1.0.0[src]

Performs copy-assignment from source. Read more

impl Default for CorsOptions[src]

impl Eq for CorsOptions[src]

impl Debug for CorsOptions[src]

impl Serialize for CorsOptions[src]

impl<'de> Deserialize<'de> for CorsOptions[src]

Auto Trait Implementations

impl Send for CorsOptions

impl Sync for CorsOptions

Blanket Implementations

impl<T> From<T> for T[src]

impl<T> ToOwned for T where
    T: Clone
[src]

type Owned = T

The resulting type after obtaining ownership.

impl<T, U> Into<U> for T where
    U: From<T>, 
[src]

impl<T, U> TryFrom<U> for T where
    U: Into<T>, 
[src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, 
[src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

impl<T> Borrow<T> for T where
    T: ?Sized
[src]

impl<T> BorrowMut<T> for T where
    T: ?Sized
[src]

impl<T> Any for T where
    T: 'static + ?Sized
[src]

impl<T> Typeable for T where
    T: Any

fn get_type(&self) -> TypeId

Get the TypeId of this object.

impl<T> DeserializeOwned for T where
    T: Deserialize<'de>, 
[src]

impl<T> IntoCollection<T> for T

impl<T, I> AsResult<T, I> for T where
    I: Input, 

impl<Q, K> Equivalent<K> for Q where
    K: Borrow<Q> + ?Sized,
    Q: Eq + ?Sized
[src]