Module tower_http::cors
source · Expand description
Middleware which adds headers for CORS.
Example
use http::{Request, Response, Method, header};
use hyper::Body;
use tower::{ServiceBuilder, ServiceExt, Service};
use tower_http::cors::{Any, CorsLayer};
use std::convert::Infallible;
async fn handle(request: Request<Body>) -> Result<Response<Body>, Infallible> {
Ok(Response::new(Body::empty()))
}
let cors = CorsLayer::new()
// allow `GET` and `POST` when accessing the resource
.allow_methods([Method::GET, Method::POST])
// allow requests from any origin
.allow_origin(Any);
let mut service = ServiceBuilder::new()
.layer(cors)
.service_fn(handle);
let request = Request::builder()
.header(header::ORIGIN, "https://example.com")
.body(Body::empty())
.unwrap();
let response = service
.ready()
.await?
.call(request)
.await?;
assert_eq!(
response.headers().get(header::ACCESS_CONTROL_ALLOW_ORIGIN).unwrap(),
"*",
);
Structs
- Holds configuration for how to set the
Access-Control-Allow-Credentials
header. - Holds configuration for how to set the
Access-Control-Allow-Headers
header. - Holds configuration for how to set the
Access-Control-Allow-Methods
header. - Holds configuration for how to set the
Access-Control-Allow-Origin
header. - Represents a wildcard value (
*
) used with some CORS headers such asCorsLayer::allow_methods
. - Middleware which adds headers for CORS.
- Holds configuration for how to set the
Access-Control-Expose-Headers
header. - Holds configuration for how to set the
Access-Control-Max-Age
header. - Response future for
Cors
. - Holds configuration for how to set the
Vary
header.
Functions
- anyDeprecatedRepresents a wildcard value (
*
) used with some CORS headers such asCorsLayer::allow_methods
. - Returns an iterator over the three request headers that may be involved in a CORS preflight request.