CorsLayer

rama::http::layer::cors

Struct CorsLayer 

pub struct CorsLayer { /* private fields */ }
Available on crate feature http only.
Expand description

Layer that applies the Cors middleware which adds headers for CORS.

See the module docs for an example.

Implementations§

§

impl CorsLayer

pub fn new() -> CorsLayer

Create a new CorsLayer.

No headers are sent by default. Use the builder methods to customize the behavior.

You need to set at least an allowed origin for browsers to make successful cross-origin requests to your service.

pub fn permissive() -> CorsLayer

A permissive configuration:

  • All request headers allowed.
  • All methods allowed.
  • All origins allowed.
  • All headers exposed.

pub fn very_permissive() -> CorsLayer

A very permissive configuration:

  • Credentials allowed.
  • The method received in Access-Control-Request-Method is sent back as an allowed method.
  • The origin of the preflight request is sent back as an allowed origin.
  • The header names received in Access-Control-Request-Headers are sent back as allowed headers.
  • No headers are currently exposed, but this may change in the future.

pub fn try_with_allow_credentials(self) -> Result<CorsLayer, OpaqueError>

Always set the Access-Control-Allow-Credentials header.

§Errors

Errors in case any of the other CORS headers which support the wildcard value have been set to use it.

pub fn try_set_allow_credentials( &mut self, ) -> Result<&mut CorsLayer, OpaqueError>

Always set the Access-Control-Allow-Credentials header.

§Errors

Errors in case any of the other CORS headers which support the wildcard value have been set to use it.

pub fn with_allow_credentials_if( self, predicate: impl Fn(&HeaderValue, &Parts) -> bool + Send + Sync + 'static, ) -> CorsLayer

Set the Access-Control-Allow-Credentials header if predicate is satisfied.

pub fn set_allow_credentials_if( &mut self, predicate: impl Fn(&HeaderValue, &Parts) -> bool + Send + Sync + 'static, ) -> &mut CorsLayer

Set the Access-Control-Allow-Credentials header if predicate is satisfied.

pub fn try_with_allow_headers( self, headers: AccessControlAllowHeaders, ) -> Result<CorsLayer, OpaqueError>

Set the value of the Access-Control-Allow-Headers header.

§Errors

Errors in case credentials are allowed and the given header contains the wildcard value (*).

pub fn try_set_allow_headers( &mut self, headers: AccessControlAllowHeaders, ) -> Result<&mut CorsLayer, OpaqueError>

Set the value of the Access-Control-Allow-Headers header.

§Errors

Errors in case credentials are allowed and the given header contains the wildcard value (*).

pub fn with_max_age(self, header: AccessControlMaxAge) -> CorsLayer

Set the value of the Access-Control-Max-Age header.

By default the header will not be set which disables caching and will require a preflight call for all requests.

Note that each browser has a maximum internal value that takes precedence when the Access-Control-Max-Age is greater. For more details see mdn.

If you need more flexibility, you can use supply a function which can dynamically decide the optional max-age based on the origin and other parts of each preflight request.

pub fn set_max_age(&mut self, header: AccessControlMaxAge) -> &mut CorsLayer

Set the value of the Access-Control-Max-Age header.

By default the header will not be set which disables caching and will require a preflight call for all requests.

Note that each browser has a maximum internal value that takes precedence when the Access-Control-Max-Age is greater. For more details see mdn.

If you need more flexibility, you can use supply a function which can dynamically decide the optional max-age based on the origin and other parts of each preflight request.

pub fn with_max_age_if( self, predicate: impl Fn(&HeaderValue, &Parts) -> Option<Seconds> + Send + Sync + 'static, ) -> CorsLayer

Set the Access-Control-Max-Age header if predicate is satisfied.

See Self::with_max_age and Self::set_max_age for more information.

pub fn set_max_age_if( &mut self, predicate: impl Fn(&HeaderValue, &Parts) -> Option<Seconds> + Send + Sync + 'static, ) -> &mut CorsLayer

Set the Access-Control-Max-Age header if predicate is satisfied.

See Self::with_max_age and Self::set_max_age for more information.

pub fn try_with_allow_methods( self, methods: AccessControlAllowMethods, ) -> Result<CorsLayer, OpaqueError>

Set the value of the Access-Control-Allow-Methods header.

§Errors

Errors in case credentials are allowed and the given header contains the wildcard value (*).

pub fn try_set_allow_methods( &mut self, methods: AccessControlAllowMethods, ) -> Result<&mut CorsLayer, OpaqueError>

Set the value of the Access-Control-Allow-Methods header.

§Errors

Errors in case credentials are allowed and the given header contains the wildcard value (*).

pub fn try_with_allow_origin_any(self) -> Result<CorsLayer, OpaqueError>

Only set the Access-Control-Allow-Origin header with the wildcard value (*).

§Errors

Errors in case credentials are allowed.

pub fn try_set_allow_origin_any( &mut self, ) -> Result<&mut CorsLayer, OpaqueError>

Only set the Access-Control-Allow-Origin header with the wildcard value (*).

§Errors

Errors in case credentials are allowed.

pub fn with_allow_origin_if_null(self) -> CorsLayer

Only set the Access-Control-Allow-Origin header with the “null” value when that is the origin.

Note: The value null should not be used. It may seem safe to return Access-Control-Allow-Origin: "null"; however, the origin of resources that use a non-hierarchical scheme (such as data: or file:) and sandboxed documents is serialized as null. Many browsers will grant such documents access to a response with an Access-Control-Allow-Origin: null header, and any origin can create a hostile document with a null origin. Therefore, the null value for the Access-Control-Allow-Origin header should be avoided

pub fn set_allow_origin_if_null(&mut self) -> &mut CorsLayer

Only set the Access-Control-Allow-Origin header with the “null” value when that is the origin.

Note: The value null should not be used. It may seem safe to return Access-Control-Allow-Origin: "null"; however, the origin of resources that use a non-hierarchical scheme (such as data: or file:) and sandboxed documents is serialized as null. Many browsers will grant such documents access to a response with an Access-Control-Allow-Origin: null header, and any origin can create a hostile document with a null origin. Therefore, the null value for the Access-Control-Allow-Origin header should be avoided

pub fn with_allow_origin_if( self, predicate: impl Fn(&HeaderValue, &Parts) -> bool + Send + Sync + 'static, ) -> CorsLayer

Set the value of the Access-Control-Allow-Origin header if the predicate satisfied.

pub fn set_allow_origin_if( &mut self, predicate: impl Fn(&HeaderValue, &Parts) -> bool + Send + Sync + 'static, ) -> &mut CorsLayer

Set the value of the Access-Control-Allow-Origin header if the predicate satisfied.

pub fn try_with_expose_headers( self, headers: AccessControlExposeHeaders, ) -> Result<CorsLayer, OpaqueError>

Set the value of the Access-Control-Expose-Headers header.

§Errors

Errors in case credentials are allowed and the given header contains the wildcard value (*).

pub fn try_set_expose_headers( &mut self, headers: AccessControlExposeHeaders, ) -> Result<&mut CorsLayer, OpaqueError>

Set the value of the Access-Control-Expose-Headers header.

§Errors

Errors in case credentials are allowed and the given header contains the wildcard value (*).

pub fn with_allow_private_network(self) -> CorsLayer

Always set the Access-Control-Allow-Private-Network header.

pub fn set_allow_private_network(&mut self) -> &mut CorsLayer

Always set the Access-Control-Allow-Private-Network header.

pub fn with_allow_private_network_if( self, predicate: impl Fn(&HeaderValue, &Parts) -> bool + Send + Sync + 'static, ) -> CorsLayer

Set the Access-Control-Allow-Private-Network header if predicate is satisfied.

pub fn set_allow_private_network_if( &mut self, predicate: impl Fn(&HeaderValue, &Parts) -> bool + Send + Sync + 'static, ) -> &mut CorsLayer

Set the Access-Control-Allow-Private-Network header if predicate is satisfied.

pub fn with_vary(self, header: Vary) -> CorsLayer

Set the value(s) of the Vary header.

You only need to set this is you want to remove some of these defaults, or if you use a closure for one of the other headers and want to add a vary header accordingly.

pub fn set_vary(&mut self, header: Vary) -> &mut CorsLayer

Set the value(s) of the Vary header.

You only need to set this is you want to remove some of these defaults, or if you use a closure for one of the other headers and want to add a vary header accordingly.

pub fn handle_options_request(self) -> CorsLayer

Handle OPTIONS request with the inner service.

By default it is not passed on to the inner service, and instead just returned with a 200 OK (empty body).

NOTE that this does not stop the response headers from being added, it only defines who “creates” the response, the modification happens regardless.

Trait Implementations§

§

impl Clone for CorsLayer

§

fn clone(&self) -> CorsLayer

Returns a duplicate of the value. Read more
1.0.0§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
§

impl Debug for CorsLayer

§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
§

impl Default for CorsLayer

§

fn default() -> CorsLayer

Returns the “default value” for a type. Read more
§

impl<S> Layer<S> for CorsLayer

§

type Service = Cors<S>

The service produced by the layer.
§

fn layer(&self, inner: S) -> <CorsLayer as Layer<S>>::Service

Wrap the given service with the middleware, returning a new service.
§

fn into_layer(self, inner: S) -> <CorsLayer as Layer<S>>::Service

Same as layer but consuming self after the service was created. Read more

Auto Trait Implementations§

Blanket Implementations§

§

impl<T> Any for T
where T: 'static + ?Sized,

§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

§

impl<T> Borrow<T> for T
where T: ?Sized,

§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
§

impl<T> BorrowMut<T> for T
where T: ?Sized,

§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> CloneToUninit for T
where T: Clone,

§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
§

impl<T> From<T> for T

§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> FromRef<T> for T
where T: Clone,

§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
§

impl<T> FutureExt for T

§

fn with_context(self, otel_cx: Context) -> WithContext<Self>

Attaches the provided Context to this type, returning a WithContext wrapper. Read more
§

fn with_current_context(self) -> WithContext<Self>

Attaches the current Context to this type, returning a WithContext wrapper. Read more
§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
§

impl<T, U> Into<U> for T
where U: From<T>,

§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
§

impl<T> PolicyExt for T
where T: ?Sized,

§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
§

impl<T, U> RamaFrom<T> for U
where U: From<T>,

§

fn rama_from(value: T) -> U

§

impl<T, U, CrateMarker> RamaInto<U, CrateMarker> for T
where U: RamaFrom<T, CrateMarker>,

§

fn rama_into(self) -> U

§

impl<T, U> RamaTryFrom<T> for U
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

§

fn rama_try_from(value: T) -> Result<U, <U as RamaTryFrom<T>>::Error>

§

impl<T, U, CrateMarker> RamaTryInto<U, CrateMarker> for T
where U: RamaTryFrom<T, CrateMarker>,

§

type Error = <U as RamaTryFrom<T, CrateMarker>>::Error

§

fn rama_try_into(self) -> Result<U, <U as RamaTryFrom<T, CrateMarker>>::Error>

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more