You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add an option to give allowed headers, allowed methods and allowed origins from user.
An alternative version of the current implementation is:
asyncfncors_middleware(mutres:HttpResponse,req_info:RequestInfo) -> crate::Result<HttpResponse>{let headers = res.headers_mut();
headers.insert(header::ACCESS_CONTROL_ALLOW_ORIGIN,HeaderValue::from_static("*"));
headers.insert(
header::ACCESS_CONTROL_ALLOW_METHODS,// Do not use "*" as this wildcard is not supported in safari etc browsers.HeaderValue::from_static("GET,HEAD,POST,PUT,DELETE,CONNECT,OPTIONS,TRACE,PATCH"),);ifletSome(requested_headers) = req_info.headers().get(header::ACCESS_CONTROL_REQUEST_HEADERS){
headers.insert(header::ACCESS_CONTROL_ALLOW_HEADERS, requested_headers.clone());}else{
headers.insert(header::ACCESS_CONTROL_ALLOW_HEADERS,HeaderValue::from_static("*"));}Ok(res)}
The text was updated successfully, but these errors were encountered:
rousan
changed the title
The wildcard in "Access-Control-Expose-Headers" and "Access-Control-Allow-Methods" are not supported in Safari and Android firefox etc.
The wildcard(*) in "Access-Control-Expose-Headers" and "Access-Control-Allow-Methods" are not supported in Safari and Android firefox etc.
Jul 30, 2020
rousan
changed the title
The wildcard(*) in "Access-Control-Expose-Headers" and "Access-Control-Allow-Methods" are not supported in Safari and Android firefox etc.
The wildcard(*) in "Access-Control-Allow-Headers" and "Access-Control-Allow-Methods" are not supported in Safari and Android firefox browsers.
Jul 30, 2020
Add an option to give allowed headers, allowed methods and allowed origins from user.
An alternative version of the current implementation is:
References
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
The text was updated successfully, but these errors were encountered: