CORSMiddleware function

Creates CORS middleware object

Adds CORS to Application . CORS Middleware out of the box in RestRserve to turn on/off the CORS Headers on preflight validation from the browser.

Cross Origin Resource Sharing is an additional security check done by moderns browsers to avoid request between different domains. To allow it RestRserve has easy way to enable your CORS policies. By default CORS policies are disabled. So if any request is coming from a different domain will be blocked by the browser as default because RestRserve will not send the headers required by the browser to allow cross site resource sharing. You can change this easy just by providing CORSMiddleware as middleware to the Application .

Examples

app = Application$new(middleware = list(CORSMiddleware$new()))
app$add_post(path = "/hello", FUN = function(req, res) {
  res$set_body("Hello from RestRserve!")
})
app$add_route("/hello", method = "OPTIONS", FUN = function(req, res) {
 res$set_header("Allow", "POST, OPTIONS")
})
req = Request$new(
  path = "/hello",
  headers = list("Access-Control-Request-Method" = "POST"),
  method = "OPTIONS"
)
app$process_request(req)

References

MDN

See Also

Middleware Application

Super class

RestRserve::Middleware -> CORSMiddleware

Methods

Public methods

• list("CORSMiddleware$new()")

• list("CORSMiddleware$clone()")

Method new()

Creates CORS middleware object

Usage

CORSMiddleware$new(routes = "/", match = "partial", id = "CORSMiddleware")

Arguments

• routes: Routes paths to protect.

• match: How routes will be matched: exact or partial (as prefix).

• id: Middleware id.

Method clone()

The objects of this class are cloneable with this method.

Usage

CORSMiddleware$clone(deep = FALSE)

Arguments

• deep: Whether to make a deep clone.