jaguar_cors
Last updated:
0 purchases
Description:
jaguar cors
jaguar_cors #
CORS interceptor for Jaguar.dart servers
Example #
A complete example can be found here.
library main;
import 'dart:async';
import 'package:jaguar/jaguar.dart';
import 'package:jaguar_cors/jaguar_cors.dart';
static const corsOptions = const CorsOptions(
allowedOrigins: const ['http://mine.com'],
allowAllHeaders: true,
allowAllMethods: true);
@Api(path: '/api')
class Routes extends Object with CorsHelper {
@Route(methods: const ['GET', 'OPTIONS'])
Response<String> get(Context ctx) {
cors(ctx);
if(ctx.req.method != 'GET') return null;
return Response.json('Hello foreigner!');
}
@Route(methods: const ['POST', 'OPTIONS'])
Future<Response<String>> post(Context ctx) async {
cors(ctx);
if(ctx.req.method != 'POST') return null;
return Response.json(await ctx.req.bodyAsJson());
}
}
main() async {
final server = Jaguar(port: 9000);
server.addApi(reflect(Routes()));
server.log.onRecord.listen(print);
await server.serve();
}
copied to clipboard
Docs #
Configuring Cors interceptor #
CorsOptions is used to configure cors Interceptor.
allowedOrigins List<String>: A list of origins a cross-domain request can be executed from. Setting [allowAllOrigins]
to [true] overrides [allowedOrigins] and allows all origins.
allowAllOrigins bool: Allows all origins. If set to true, overrides allowedOrigins option.
allowedMethods List<String>: A list of methods the client is allowed to use with cross-domain requests. Default
value is simple methods (GET and POST).
allowAllMethods bool: Allows all methods. If set to true, overrides allowedMethods option.
allowedHeaders List<String>: A list of non simple headers the client is allowed to use with cross-domain requests.
allowAllHeaders bool: Allows all headers. If set to true, overrides allowedHeaders option.
exposeHeaders List<String>: Indicates which headers are safe to expose to the API of a CORS API specification
exposeAllHeaders bool: Exposes all headers. If set to true, overrides exposeHeaders option.
allowCredentials bool: Indicates whether the request can include user credentials like cookies, HTTP authentication
or client side SSL certificates. The default is false.
maxAge int: Indicates how long (in seconds) the results of a preflight request can be cached. The default is 0
which stands for no max age.
vary bool:
allowNonCorsRequests bool: Should non-CORS requests be allowed?
See API documentation for more info.
Example #
static const options = const CorsOptions(
allowedOrigins: const ['http://mine.com'],
// allowedHeaders: const ['X-Requested-With'],
allowAllHeaders: true,
allowAllMethods: true);
copied to clipboard
Wrapping the Cors interceptor #
The cors interceptor itself is simple to use. It accepts a CorsOptions object as configuration.
Note:
Make sure that the route handler method/function accepts OPTIONS method.
If same route handler method/function is used to handle both preflight and actual route, the actual route body is
skipped during preflight requests
@Route(methods: const ['GET', 'OPTIONS'])
Response<String> get(Context ctx) {
cors(ctx);
if(ctx.req.method != 'GET') return null; // Skips for preflight requests
return Response.json('Hello foreigner!');
}
copied to clipboard
Example #
@Route(methods: const ['GET', 'OPTIONS'])
Response<String> get(Context ctx) {
cors(ctx);
if(ctx.req.method != 'GET') return null;
return Response.json('Hello foreigner!');
}
copied to clipboard
License:
For personal and professional use. You cannot resell or redistribute these repositories in their original state.
Files In This Product:
Customer Reviews
There are no reviews.
