mirror of
https://github.com/gofiber/fiber.git
synced 2025-05-06 23:59:40 +00:00
100 lines
2.5 KiB
Markdown
100 lines
2.5 KiB
Markdown
---
|
|
id: cors
|
|
title: CORS
|
|
---
|
|
|
|
CORS middleware for [Fiber](https://github.com/gofiber/fiber) that can be used to enable [Cross-Origin Resource Sharing](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) with various options.
|
|
|
|
## Signatures
|
|
|
|
```go
|
|
func New(config ...Config) fiber.Handler
|
|
```
|
|
|
|
## Examples
|
|
|
|
Import the middleware package that is part of the Fiber web framework
|
|
|
|
```go
|
|
import (
|
|
"github.com/gofiber/fiber/v2"
|
|
"github.com/gofiber/fiber/v2/middleware/cors"
|
|
)
|
|
```
|
|
|
|
After you initiate your Fiber app, you can use the following possibilities:
|
|
|
|
```go
|
|
// Default config
|
|
app.Use(cors.New())
|
|
|
|
// Or extend your config for customization
|
|
app.Use(cors.New(cors.Config{
|
|
AllowOrigins: "https://gofiber.io, https://gofiber.net",
|
|
AllowHeaders: "Origin, Content-Type, Accept",
|
|
}))
|
|
```
|
|
|
|
## Config
|
|
|
|
```go
|
|
// Config defines the config for middleware.
|
|
type Config struct {
|
|
// Next defines a function to skip this middleware when returned true.
|
|
//
|
|
// Optional. Default: nil
|
|
Next func(c *fiber.Ctx) bool
|
|
|
|
// AllowOrigin defines a list of origins that may access the resource.
|
|
//
|
|
// Optional. Default value "*"
|
|
AllowOrigins string
|
|
|
|
// AllowMethods defines a list of methods allowed when accessing the resource.
|
|
// This is used in response to a preflight request.
|
|
//
|
|
// Optional. Default value "GET,POST,HEAD,PUT,DELETE,PATCH"
|
|
AllowMethods string
|
|
|
|
// AllowHeaders defines a list of request headers that can be used when
|
|
// making the actual request. This is in response to a preflight request.
|
|
//
|
|
// Optional. Default value "".
|
|
AllowHeaders string
|
|
|
|
// AllowCredentials indicates whether or not the response to the request
|
|
// can be exposed when the credentials flag is true. When used as part of
|
|
// a response to a preflight request, this indicates whether or not the
|
|
// actual request can be made using credentials.
|
|
//
|
|
// Optional. Default value false.
|
|
AllowCredentials bool
|
|
|
|
// ExposeHeaders defines a whitelist headers that clients are allowed to
|
|
// access.
|
|
//
|
|
// Optional. Default value "".
|
|
ExposeHeaders string
|
|
|
|
// MaxAge indicates how long (in seconds) the results of a preflight request
|
|
// can be cached.
|
|
//
|
|
// Optional. Default value 0.
|
|
MaxAge int
|
|
}
|
|
```
|
|
|
|
## Default Config
|
|
|
|
```go
|
|
var ConfigDefault = Config{
|
|
Next: nil,
|
|
AllowOrigins: "*",
|
|
AllowMethods: "GET,POST,HEAD,PUT,DELETE,PATCH",
|
|
AllowHeaders: "",
|
|
AllowCredentials: false,
|
|
ExposeHeaders: "",
|
|
MaxAge: 0,
|
|
}
|
|
```
|