Skip to content
/ cors Public
forked from rs/cors

Go net/http configurable handler to handle CORS requests

License

MIT license
0 stars 222 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

one7piece/cors

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
examples
examples
 
 
.travis.yml
.travis.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
bench_test.go
bench_test.go
 
 
cors.go
cors.go
 
 
cors_test.go
cors_test.go
 
 
utils.go
utils.go
 
 
utils_test.go
utils_test.go
 
 

Repository files navigation

Go CORS handler godoc license build

CORS is a net/http handler implementing Cross Origin Resource Sharing W3 specification in Golang.

Getting Started

After installing Go and setting up your GOPATH, create your first .go file. We'll call it server.go.

package main

import (
    "net/http"

    "github.com/rs/cors"
)

func main() {
    h := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
        w.Header().Set("Content-Type", "application/json")
        w.Write([]byte("{\"hello\": \"world\"}"))
    })

    // cors.Default() setup the middleware with default options being
    // all origins accepted with simple methods (GET, POST). See
    // documentation below for more options.
    handler = cors.Default().Handler(h)
    http.ListenAndServe(":8080", handler)
}

Install cors:

go get github.com/rs/cors

Then run your server:

go run server.go

The server now runs on localhost:8080:

$ curl -D - -H 'Origin: http://foo.com' http://localhost:8080/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: foo.com
Content-Type: application/json
Date: Sat, 25 Oct 2014 03:43:57 GMT
Content-Length: 18

{"hello": "world"}

More Examples

Parameters

Parameters are passed to the middleware thru the cors.New method as follow:

c := cors.New(cors.Options{
    AllowedOrigins: []string{"http://foo.com"},
    AllowCredentials: true,
})

// Insert the middleware
handler = c.Handler(handler)
  • AllowedOrigins []string: A list of origins a cross-domain request can be executed from. If the special * value is present in the list, all origins will be allowed. The default value is *.
  • AllowedMethods []string: A list of methods the client is allowed to use with cross-domain requests.
  • AllowedHeaders []string: A list of non simple headers the client is allowed to use with cross-domain requests. Default value is simple methods (GET and POST)
  • ExposedHeaders []string: Indicates which headers are safe to expose to the API of a CORS API specification
  • AllowCredentials bool: Indicates whether the request can include user credentials like cookies, HTTP authentication or client side SSL certificates. The default is false.
  • MaxAge int: Indicates how long (in seconds) the results of a preflight request can be cached. The default is 0 which stands for no max age.

See API documentation for more info.

Licenses

All source code is licensed under the MIT License.

About

Go net/http configurable handler to handle CORS requests

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • Go 100.0%