Module tower_http::cors
source · Available on crate feature
cors only.Expand description
Middleware which adds headers for CORS.
Example
use http::{Request, Response, Method, header};
use hyper::Body;
use tower::{ServiceBuilder, ServiceExt, Service};
use tower_http::cors::{Any, CorsLayer};
use std::convert::Infallible;
async fn handle(request: Request<Body>) -> Result<Response<Body>, Infallible> {
Ok(Response::new(Body::empty()))
}
let cors = CorsLayer::new()
// allow `GET` and `POST` when accessing the resource
.allow_methods([Method::GET, Method::POST])
// allow requests from any origin
.allow_origin(Any);
let mut service = ServiceBuilder::new()
.layer(cors)
.service_fn(handle);
let request = Request::builder()
.header(header::ORIGIN, "https://example.com")
.body(Body::empty())
.unwrap();
let response = service
.ready()
.await?
.call(request)
.await?;
assert_eq!(
response.headers().get(header::ACCESS_CONTROL_ALLOW_ORIGIN).unwrap(),
"*",
);Structs
Holds configuration for how to set the
Access-Control-Allow-Credentials header.Holds configuration for how to set the
Access-Control-Allow-Headers header.Holds configuration for how to set the
Access-Control-Allow-Methods header.Holds configuration for how to set the
Access-Control-Allow-Origin header.Represents a wildcard value (
*) used with some CORS headers such as
CorsLayer::allow_methods.Holds configuration for how to set the
Access-Control-Expose-Headers header.Holds configuration for how to set the
Access-Control-Max-Age header.Response future for
Cors.Functions
anyDeprecated
Represents a wildcard value (
*) used with some CORS headers such as
CorsLayer::allow_methods.Returns an iterator over the three request headers that may be involved in a CORS preflight request.