struct Athena::Routing::Config::CORS

Overview

Configuration options for ART::Listeners::CORS. If ART::Config.cors is not defined in your configuration file, the listener is disabled.

TODO Allow scoping CORS options to specific routes versus applying them to all routes.

See ART::Config and the external documentation for more information.

Included Modules

Defined in:

config/cors_config.cr

Constructors

Instance Method Summary

Constructor Detail

def self.new(ctx : YAML::ParseContext, node : YAML::Nodes::Node) #

def self.new #

[View source]

Instance Method Detail

def allow_credentials : Bool #

Indicates whether the request can be made using credentials.

Maps to the access-control-allow-credentials header.


[View source]
def allow_headers : Array(String) #

The header or headers that can be used when making the actual request.

Can be set to ["*"] to allow any headers.

maps to the access-control-allow-headers header.


[View source]
def allow_methods : Array(String) #

The method or methods allowed when accessing the resource.

Maps to the access-control-allow-methods header. Defaults to the CORS-safelisted methods.


[View source]
def allow_origin : Array(String) #

A white-listed array of valid origins.

Can be set to ["*"] to allow any origin.

TODO Allow Regex based origins.


[View source]
def expose_headers : Array(String) #

Array of headers that the browser is allowed to read from the response.

Maps to the access-control-expose-headers header.


[View source]
def max_age : Int32 #

Number of seconds that the results of a preflight request can be cached.

Maps to the access-control-max-age header.


[View source]