Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // DefaultHeaderBytes contains default HTTP methods as byte slices for CORS processing. DefaultHeaderBytes = [][]byte{ []byte("OPTIONS"), []byte("GET"), []byte("POST"), } // DefaultSchemas defines the default protocols allowed in CORS requests. DefaultSchemas = []string{ "http://", "https://", } // DefaultSchemasBytes defines the default protocols allowed in CORS requests as byte slices. DefaultSchemasBytes = [][]byte{ []byte("http://"), []byte("https://"), } // ExtensionSchemas defines the browser extension protocols allowed in CORS requests. ExtensionSchemas = []string{ "chrome-extension://", "safari-extension://", "moz-extension://", "ms-browser-extension://", } // FileSchemas defines the file protocol allowed in CORS requests. FileSchemas = []string{ "file://", } // WebSocketSchemas defines the websocket protocols allowed in CORS requests. WebSocketSchemas = []string{ "ws://", "wss://", } )
Functions ¶
func Default ¶
func Default() app.HandlerFunc
Default returns the location middleware with default configuration.
func NewMiddleware ¶
func NewMiddleware(config Config) app.HandlerFunc
NewMiddleware returns the location middleware with user-defined custom configuration.
Types ¶
type Config ¶
type Config struct {
// AllowOriginFunc is a custom function to validate the origin. It takes the origin
// as argument and returns true if allowed or false otherwise.
// AllowOrigins have a higher AllowOrigins have a higher priority than AllowOriginFunc
// It is recommended to use AllowOriginFunc without setting AllowOrigins.
AllowOriginFunc func(origin string) bool
// AllowOrigins is a list of origins a cross-domain request can be executed from.
// If the special "*" value is present in the list, all origins will be allowed.
// Default value is []
AllowOrigins []string `mapstructure:"allow_origins"`
// AllowMethods is a list of methods the client is allowed to use with
// cross-domain requests. Default value is simple methods (GET and POST)
AllowMethods []string `mapstructure:"allow_methods"`
// AllowHeaders is list of non simple headers the client is allowed to use with
// cross-domain requests.
AllowHeaders []string `mapstructure:"allow_headers"`
// ExposedHeaders indicates which headers are safe to expose to the API of a CORS
// API specification
ExposeHeaders []string `mapstructure:"expose_headers"`
// MaxAge indicates how long (in seconds) the results of a preflight request
// can be cached
MaxAge time.Duration `mapstructure:"max_age"`
AllowAllOrigins bool `mapstructure:"allow_all_origins"`
// AllowCredentials indicates whether the request can include user credentials like
// cookies, HTTP authentication or client side SSL certificates.
AllowCredentials bool `mapstructure:"allow_credentials"`
// Allows to add origins like http://some-domain/*, https://api.* or http://some.*.subdomain.com
AllowWildcard bool `mapstructure:"allow_wildcard"`
// Allows usage of popular browser extensions schemas
AllowBrowserExtensions bool
// Allows usage of WebSocket protocol
AllowWebSockets bool
// Allows usage of file:// schema (dangerous!) use it only when you 100% sure it's needed
AllowFiles bool
}
Config represents all available options for the middleware.
func DefaultConfig ¶
func DefaultConfig() Config
DefaultConfig returns a generic default configuration mapped to localhost.
func (*Config) AddAllowHeaders ¶
AddAllowHeaders is allowed to add custom headers.
func (*Config) AddAllowMethods ¶
AddAllowMethods is allowed to add custom methods.
func (*Config) AddExposeHeaders ¶
AddExposeHeaders is allowed to add custom expose headers.
Source Files
Click to show internal directories.
Click to hide internal directories.