cors v0.1.0 CORS
Link to this section Summary
Functions
Check Cross Origin Request Security headers
Link to this section Functions
Link to this function
check(method, headers, config)
Check Cross Origin Request Security headers.
Examples
iex> CORS.check(:GET, [], test_config())
{:ok, :no_cors}
iex> CORS.check(:OPTIONS, [], test_config())
{:ok, :no_cors}
# Need an any config
# Test config accepts PUT but not deleteSimple CORS requests
iex> headers = [{"origin", "other.example.com"}]
...> CORS.check(:GET, headers, test_config())
{:ok, {:simple, [{"access-control-allow-origin", "other.example.com"}]}}
iex> headers = [{"origin", "other.example.com"}]
...> CORS.check(:DELETE, headers, test_config())
{:error, {:simple, :invalid_method}}Preflight CORS requests
{:ok, {:preflight, [{"access-control-allow-origin", "other.example.com"}, {"access-control-allow-methods", "PUT"}]}}
iex> headers = [
...> {"origin", "other.example.com"},
...> {"access-control-request-method", "PUT"},
...> ]
...> CORS.check(:OPTIONS, headers, test_config())
{:ok, {:preflight, [{"access-control-allow-origin", "other.example.com"}, {"access-control-allow-methods", "PUT"}]}}
iex> headers = [
...> {"origin", "bad.example.com"},
...> {"access-control-request-method", "PUT"},
...> ]
...> CORS.check(:OPTIONS, headers, test_config())
{:error, {:preflight, :invalid_origin}}