CORS Middleware

Main

The CORS middleware allows you to enable or disable Cross-origin resource sharing. This way, you can protect your endpoints from being requested from unknown origins or undesired origins.

Usage

The usage of CORS middleware is quiet similar to other Mandarine modules, it is done through the use of Decorators.

Syntax:

@Cors(corsOptions: Mandarine.MandarineMVC.CorsMiddlewareOption)

Interface (MandarineMvc.CorsMiddlewareOption):

origin
- Declares the valid origins. It can be a string, a RegExp, or an array of both string & RegExp for multiple origins.
- Default: *
methods
- Methods allowed
- Default: ["GET", "HEAD", "PUT", "PATCH", "POST", "DELETE"]
allowedHeaders
- List of headers to be added to access-control-request-headers
exposedHeaders
- List of headers to be added to accessl-control-expose-headers
credentials
- Boolean value for header access-control-allow-credentials
maxAge
- Value for header access-control-max-age
optionsSuccessStatus
- Http response code for when CORS has been accepted.
- Default: 204

Basic Usage

At Controller level:

import { Controller, GET, Cors } from "https://deno.land/x/mandarinets/mod.ts";

@Controller('/api')
@Cors({ origin: "https://myorigin.com" })
export class MyApi {

    @GET('/hello')
    public handler() {
        return "hello";
    }

}

At Route level

import { Controller, GET, Cors } from "https://deno.land/x/mandarinets/mod.ts";

@Controller('/api')
export class MyApi {

    @GET('/hello')
    @Cors({ origin: "https://myorigin.com" })
    public handler() {
        return "hello";
    }
    
}

PreviousSession Middleware NextTemplate Engine

Last updated 4 years ago