2#include "crow/common.h"
3#include "crow/http_request.h"
4#include "crow/http_response.h"
5#include "crow/routing.h"
26 add_list_item(methods_, crow::method_name(method));
31 template<
typename... Methods>
34 add_list_item(methods_, crow::method_name(method));
42 add_list_item(headers_, header);
47 template<
typename... Headers>
50 add_list_item(headers_, header);
58 add_list_item(exposed_headers_, header);
63 template<
typename... Headers>
66 add_list_item(exposed_headers_, header);
74 max_age_ = std::to_string(
max_age);
81 allow_credentials_ =
true;
106 void add_list_item(std::string& list,
const std::string& val)
108 if (list ==
"*") list =
"";
109 if (list.size() > 0) list +=
", ";
114 void set_header_no_override(
const std::string& key,
const std::string& value,
crow::response& res)
116 if (value.size() == 0)
return;
122 void apply(
const request& req, response& res)
126 set_header_no_override(
"Access-Control-Allow-Methods", methods_, res);
127 set_header_no_override(
"Access-Control-Allow-Headers", headers_, res);
128 set_header_no_override(
"Access-Control-Expose-Headers", exposed_headers_, res);
129 set_header_no_override(
"Access-Control-Max-Age", max_age_, res);
131 bool origin_set =
false;
133 if (req.method != HTTPMethod::Options)
135 if (allow_credentials_)
137 set_header_no_override(
"Access-Control-Allow-Credentials",
"true", res);
140 set_header_no_override(
"Access-Control-Allow-Origin", req.get_header_value(
"Origin"), res);
147 set_header_no_override(
"Access-Control-Allow-Origin", origin_, res);
151 bool ignore_ =
false;
153 std::string origin_ =
"*";
154 std::string methods_ =
"*";
155 std::string headers_ =
"*";
156 std::string exposed_headers_;
157 std::string max_age_;
158 bool allow_credentials_ =
false;
160 CORSHandler* handler_;
179 auto& rule = find_rule(req.
url);
180 rule.apply(req, res);
187 return rules.back().second;
193 rules.emplace_back(bp.prefix(),
CORSRules(
this));
194 return rules.back().second;
204 CORSRules& find_rule(
const std::string& path)
207 for (
auto& rule : rules)
210 if (path.rfind(rule.first, 0) == 0)
218 std::vector<std::pair<std::string, CORSRules>> rules;
219 CORSRules default_ = CORSRules(
this);
234 return handler_->
global();
A blueprint can be considered a smaller section of a Crow app, specifically where the router is conce...
Definition routing.h:1091
The main namespace of the library. In this namespace is defined the most important classes and functi...
const std::string & get_header_value(const T &headers, const std::string &key)
Find and return the value associated with the key. (returns an empty string if nothing is found)
Definition http_request.h:24
CORSHandler is a global middleware for setting CORS headers.
Definition cors.h:170
CORSRules & global()
Get the global CORS policy.
Definition cors.h:198
CORSRules & blueprint(const Blueprint &bp)
Handle CORS for a specific blueprint.
Definition cors.h:191
CORSRules & prefix(const std::string &prefix)
Handle CORS on a specific prefix path.
Definition cors.h:184
Used for tuning CORS policies.
Definition cors.h:13
CORSRules & global()
Global CORS policy.
Definition cors.h:232
CORSRules & origin(const std::string &origin)
Set Access-Control-Allow-Origin. Default is "*".
Definition cors.h:17
CORSRules & methods(crow::HTTPMethod method, Methods... method_list)
Set Access-Control-Allow-Methods. Default is "*".
Definition cors.h:32
CORSRules & headers(const std::string &header)
Set Access-Control-Allow-Headers. Default is "*".
Definition cors.h:40
CORSRules & expose(const std::string &header)
Set Access-Control-Expose-Headers. Default is none.
Definition cors.h:56
CORSRules & headers(const std::string &header, Headers... header_list)
Set Access-Control-Allow-Headers. Default is "*".
Definition cors.h:48
CORSRules & expose(const std::string &header, Headers... header_list)
Set Access-Control-Expose-Headers. Default is none.
Definition cors.h:64
CORSRules & prefix(const std::string &prefix)
Handle CORS on specific prefix path.
Definition cors.h:222
CORSRules & max_age(int max_age)
Set Access-Control-Max-Age. Default is none.
Definition cors.h:72
CORSRules & blueprint(const Blueprint &bp)
Handle CORS for specific blueprint.
Definition cors.h:227
CORSRules & allow_credentials()
Enable Access-Control-Allow-Credentials.
Definition cors.h:79
CORSRules & methods(crow::HTTPMethod method)
Set Access-Control-Allow-Methods. Default is "*".
Definition cors.h:24
void ignore()
Ignore CORS and don't send any headers.
Definition cors.h:86
An HTTP request.
Definition http_request.h:36
std::string url
The endpoint without any parameters.
Definition http_request.h:39
HTTP response.
Definition http_response.h:34
void add_header(std::string key, std::string value)
Add a new header to the response.
Definition http_response.h:58
ci_map headers
HTTP headers.
Definition http_response.h:42