struct Athena::Routing::Config::CORS

Athena::Routing::Config::CORS
Struct
Value
Object

Overview

Configuration options for ART::Listeners::CORS. See .configure.

TODO Allow scoping CORS options to specific routes versus applying them to all routes.

Defined in:

config/cors_config.cr

Constructors

.new(allow_credentials : Bool = false, allow_origin : Array(String) = [] of String, allow_headers : Array(String) = [] of String, allow_methods : Array(String) = Athena::Routing::Listeners::CORS::SAFELISTED_METHODS, expose_headers : Array(String) = [] of String, max_age : Int32 = 0)
See .configure.

Class Method Summary

.configure : self | Nil
This method should be overridden in order to provide the configuration for ART::Listeners::CORS.

Instance Method Summary

#allow_credentials : Bool
Indicates whether the request can be made using credentials.
#allow_headers : Array(String)
The header or headers that can be used when making the actual request.
#allow_methods : Array(String)
The method or methods allowed when accessing the resource.
#allow_origin : Array(String)
A white-listed array of valid origins.
#expose_headers : Array(String)
Array of headers that the browser is allowed to read from the response.
#max_age : Int32
Number of seconds that the results of a preflight request can be cached.

Constructor Detail

def self.new(allow_credentials : Bool = false, allow_origin : Array(String) = [] of String, allow_headers : Array(String) = [] of String, allow_methods : Array(String) = Athena::Routing::Listeners::CORS::SAFELISTED_METHODS, expose_headers : Array(String) = [] of String, max_age : Int32 = 0) #

See .configure.

[View source]

Class Method Detail

def self.configure : self | Nil #

This method should be overridden in order to provide the configuration for ART::Listeners::CORS. See the external documentation for more details.

By default it returns nil, which disables the listener.

# Returns an `ART::Config::CORS` instance that will determine how the listener functions.
def ART::Config::CORS.configure : ART::Config::CORS?
  new(
    allow_credentials: true,
    allow_origin: %(https://app.example.com),
    expose_headers: %w(X-Transaction-ID X-Some-Custom-Header),
  )
end

[View source]

Instance Method Detail

def allow_credentials : Bool #

Indicates whether the request can be made using credentials.

Maps to the access-control-allow-credentials header.

[View source]

def allow_headers : Array(String) #

The header or headers that can be used when making the actual request.

Can be set to ["*"] to allow any headers.

maps to the access-control-allow-headers header.

[View source]

def allow_methods : Array(String) #

The method or methods allowed when accessing the resource.

Maps to the access-control-allow-methods header. Defaults to the CORS-safelisted methods.

[View source]

def allow_origin : Array(String) #

A white-listed array of valid origins.

Can be set to ["*"] to allow any origin.

TODO Allow Regex based origins.

[View source]

def expose_headers : Array(String) #

Array of headers that the browser is allowed to read from the response.

Maps to the access-control-expose-headers header.

[View source]

def max_age : Int32 #

Number of seconds that the results of a preflight request can be cached.

Maps to the access-control-max-age header.

[View source]

CrystalDoc.info

athena

struct Athena::Routing::Config::CORS

Overview

Defined in:

Constructors

Class Method Summary

Instance Method Summary

Constructor Detail

Class Method Detail

Instance Method Detail