Expand description
Middleware which adds headers for CORS.
§Example
use std::convert::Infallible;
use bytes::Bytes;
use rama_http::{Body, Request, Response, Method, header};
use rama_http::layer::cors::{Any, CorsLayer};
use rama_core::service::service_fn;
use rama_core::{Context, Service, Layer};
async fn handle(request: Request) -> Result<Response, Infallible> {
Ok(Response::new(Body::default()))
}
let cors = CorsLayer::new()
// allow `GET` and `POST` when accessing the resource
.allow_methods([Method::GET, Method::POST])
// allow requests from any origin
.allow_origin(Any);
let mut service = cors.layer(service_fn(handle));
let request = Request::builder()
.header(header::ORIGIN, "https://example.com")
.body(Body::default())
.unwrap();
let response = service
.serve(Context::default(), request)
.await?;
assert_eq!(
response.headers().get(header::ACCESS_CONTROL_ALLOW_ORIGIN).unwrap(),
"*",
);Structs§
- Holds configuration for how to set the
Access-Control-Allow-Credentialsheader. - Holds configuration for how to set the
Access-Control-Allow-Headersheader. - Holds configuration for how to set the
Access-Control-Allow-Methodsheader. - Holds configuration for how to set the
Access-Control-Allow-Originheader. - Holds configuration for how to set the
Access-Control-Allow-Private-Networkheader. - Represents a wildcard value (
*) used with some CORS headers such asCorsLayer::allow_methods. - Middleware which adds headers for CORS.
- Holds configuration for how to set the
Access-Control-Expose-Headersheader. - Holds configuration for how to set the
Access-Control-Max-Ageheader. - Holds configuration for how to set the
Varyheader.
Functions§
- any
Deprecated Represents a wildcard value (*) used with some CORS headers such asCorsLayer::allow_methods. - Returns an iterator over the three request headers that may be involved in a CORS preflight request.