Skip to content

CORS Header Plugin

Jump to bottom Edit New page
Todd Fredrich edited this page Jul 3, 2013 · 6 revisions

Adds support for CORS setting the 'Access-Control-Allow-Origin' header on the response for GET requests. General RestExpress plugin to support CORS (Cross-origin Resource Sharing) pre-flight OPTIONS request, as well as CORS headers support, such as setting the 'Access-Control-Allow-Origin' header. Usage

Usage of the CORS Plugin is basically the same as the other plugins in this registry. Simply create a new plugin and register it with the RestExpress server, setting options as necessary, using method chaining if desired.

NOTE It's recommended to make this the LAST plugin registered as it iterates all routes defined in your service suite and adds an OPTIONS route, if configured to support the CORS OPTIONS pre-flight request.

To support the CORS OPTIONS Preflight request:

RestExpress server = new RestExpress()...

new CorsHeaderPlugin("*")					// Array of domain strings.
	.exposeHeaders("Location")				// Array of header names (Optional).
	.allowHeaders("Content-Type", "Accept")			// Array of header names (Optional).
	.maxAge(2592000)					// Seconds to cache (Optional).
	.flag("flag value")					// Just like flag() on Routes (Optional).
	.parameter("string", object)				// Just like parameter() on Routes (Optional).
	.register(server);

Or to NOT support the CORS OPTIONS Preflight request:

RestExpress server = new RestExpress()...

new CorsHeaderPlugin("*")					// Array of domain strings.
	.exposeHeaders("Location")				// Array of header names (Optional).
	.noPreflightSupport()					// Turn off OPTIONS request support.
	.register(server);
Add a custom footer
Add a custom sidebar

Clone this wiki locally