CORS Middleware

Main

The CORS middleware allows you to enable or disable Cross-origin resource sharing. This way, you can protect your endpoints from being requested from unknown origins or undesired origins.

Usage

The usage of CORS middleware is quiet similar to other Mandarine modules, it is done through the use of Decorators.

Syntax:

@Cors(corsOptions: Mandarine.MandarineMVC.CorsMiddlewareOption)

Interface (MandarineMvc.CorsMiddlewareOption):

  • origin

    • Declares the valid origins. It can be a string, a RegExp, or an array of both string & RegExp for multiple origins.

    • Default: *

  • methods

    • Methods allowed

    • Default: ["GET", "HEAD", "PUT", "PATCH", "POST", "DELETE"]

  • allowedHeaders

    • List of headers to be added to access-control-request-headers

  • exposedHeaders

    • List of headers to be added to accessl-control-expose-headers

  • credentials

    • Boolean value for header access-control-allow-credentials

  • maxAge

    • Value for header access-control-max-age

  • optionsSuccessStatus

    • Http response code for when CORS has been accepted.

    • Default: 204

Basic Usage

At Controller level:

import { Controller, GET, Cors } from "https://deno.land/x/mandarinets/mod.ts";

@Controller('/api')
@Cors({ origin: "https://myorigin.com" })
export class MyApi {

    @GET('/hello')
    public handler() {
        return "hello";
    }

}

At Route level

import { Controller, GET, Cors } from "https://deno.land/x/mandarinets/mod.ts";

@Controller('/api')
export class MyApi {

    @GET('/hello')
    @Cors({ origin: "https://myorigin.com" })
    public handler() {
        return "hello";
    }
    
}

Last updated