[][src]Module actix_web::middleware::cors

Cross-origin resource sharing (CORS) for Actix applications

CORS middleware could be used with application and with resource. First you need to construct CORS middleware instance.

To construct a cors:

  1. Call Cors::build to start building.
  2. Use any of the builder methods to set fields in the backend.
  3. Call finish to retrieve the constructed backend.

Cors middleware could be used as parameter for App::middleware() or Resource::middleware() methods. But you have to use Cors::for_app() method to support preflight OPTIONS request.

Example

use actix_web::middleware::cors::Cors;
use actix_web::{http, App, HttpRequest, HttpResponse};

fn index(mut req: HttpRequest) -> &'static str {
    "Hello world"
}

fn main() {
    let app = App::new().configure(|app| {
        Cors::for_app(app) // <- Construct CORS middleware builder
            .allowed_origin("https://www.rust-lang.org/")
            .allowed_methods(vec!["GET", "POST"])
            .allowed_headers(vec![http::header::AUTHORIZATION, http::header::ACCEPT])
            .allowed_header(http::header::CONTENT_TYPE)
            .max_age(3600)
            .resource("/index.html", |r| {
                r.method(http::Method::GET).f(|_| HttpResponse::Ok());
                r.method(http::Method::HEAD).f(|_| HttpResponse::MethodNotAllowed());
            })
            .register()
    });
}

In this example custom CORS middleware get registered for "/index.html" endpoint.

Cors middleware automatically handle OPTIONS preflight request.

Structs

Cors

Middleware for Cross-origin resource sharing support

CorsBuilder

Structure that follows the builder pattern for building Cors middleware structs.

Enums

AllOrSome

An enum signifying that some of type T is allowed, or All (everything is allowed).

CorsError

A set of errors that can occur during processing CORS