CORSMiddleware {RestRserve}R Documentation

Creates CORS middleware object

Description

Adds CORS to Application. CORS Middleware out of the box in RestRserve to turn on/off the CORS Headers on preflight validation from the browser.

Cross Origin Resource Sharing is an additional security check done by moderns browsers to avoid request between different domains. To allow it RestRserve has easy way to enable your CORS policies. By default CORS policies are disabled. So if any request is coming from a different domain will be blocked by the browser as default because RestRserve will not send the headers required by the browser to allow cross site resource sharing. You can change this easy just by providing CORSMiddleware as middleware to the Application.

Super class

RestRserve::Middleware -> CORSMiddleware

Methods

Public methods

Method new()

Creates CORS middleware object

Usage
CORSMiddleware$new(routes = "/", match = "partial", id = "CORSMiddleware")
Arguments
routes

Routes paths to protect.

match

How routes will be matched: exact or partial (as prefix).

id

Middleware id.

Method clone()

The objects of this class are cloneable with this method.

Usage
CORSMiddleware$clone(deep = FALSE)
Arguments
deep

Whether to make a deep clone.

References

MDN

See Also

Middleware Application

Examples

app = Application$new(middleware = list(CORSMiddleware$new()))
app$add_post(path = "/hello", FUN = function(req, res) {
  res$set_body("Hello from RestRserve!")
})
app$add_route("/hello", method = "OPTIONS", FUN = function(req, res) {
 res$set_header("Allow", "POST, OPTIONS")
})
req = Request$new(
  path = "/hello",
  headers = list("Access-Control-Request-Method" = "POST"),
  method = "OPTIONS"
)
app$process_request(req)
[Package RestRserve version 1.2.3 Index]