Module tower_http::cors
source · Expand description
Middleware which adds headers for CORS.
Example
use http::{Request, Response, Method, header};
use hyper::Body;
use tower::{ServiceBuilder, ServiceExt, Service};
use tower_http::cors::{Any, CorsLayer};
use std::convert::Infallible;
async fn handle(request: Request<Body>) -> Result<Response<Body>, Infallible> {
Ok(Response::new(Body::empty()))
}
let cors = CorsLayer::new()
// allow `GET` and `POST` when accessing the resource
.allow_methods([Method::GET, Method::POST])
// allow requests from any origin
.allow_origin(Any);
let mut service = ServiceBuilder::new()
.layer(cors)
.service_fn(handle);
let request = Request::builder()
.header(header::ORIGIN, "https://example.com")
.body(Body::empty())
.unwrap();
let response = service
.ready()
.await?
.call(request)
.await?;
assert_eq!(
response.headers().get(header::ACCESS_CONTROL_ALLOW_ORIGIN).unwrap(),
"*",
);Structs
- Holds configuration for how to set the
Access-Control-Allow-Credentialsheader. - Holds configuration for how to set the
Access-Control-Allow-Headersheader. - Holds configuration for how to set the
Access-Control-Allow-Methodsheader. - Holds configuration for how to set the
Access-Control-Allow-Originheader. - Holds configuration for how to set the
Access-Control-Allow-Private-Networkheader. - Represents a wildcard value (
*) used with some CORS headers such asCorsLayer::allow_methods. - Middleware which adds headers for CORS.
- Holds configuration for how to set the
Access-Control-Expose-Headersheader. - Holds configuration for how to set the
Access-Control-Max-Ageheader. - Response future for
Cors. - Holds configuration for how to set the
Varyheader.
Functions
- anyDeprecatedRepresents a wildcard value (
*) used with some CORS headers such asCorsLayer::allow_methods. - Returns an iterator over the three request headers that may be involved in a CORS preflight request.