# README

CORS Middleware

CORS (Cross Origin Resource Sharing) is a technique that allows a microservice in combination with a client to control the way a microservice can be called. For this, the microservice provides information from which websites calls to the microservice can be sent. The client on the other side checks this information and prevents websites from calling the microservice, that are not allowed to do so. A more in depth description can be found here

This middleware intercepts the OPTIONS method to provide the CORS information to clients. It gets a list of allowed methods and headers and will prevent requests to pass through, that do not fulfill the requirements.

Example

finalHandler := midgard.StackMiddlewareHandler(
    []midgard.Middleware{
        util.Must(cors.New(
            cors.WithHeaders(cors.MinimumAllowHeaders()),
            cors.WithMethods([]string{http.MethodGet}),
            cors.WithOrigins([]string{"*"}))),
    },
    http.HandlerFunc(HelloHandler),
)

If no headers are specified, all headers are allowed. A minimal set of headers is provided via cors.MinimumAllowHeaders. Similar, if no methods are specified, all methods are allowed. If at least one of the allowed origins is * or nothing is specified, the allowed origins are set to just contain *. Thus, a CORS middleware that is not parametrized, will allow all requests to pass and not filter anything. It just intercepts the OPTIONS method.

# Functions

MinimumAllowHeaders

MinimumAllowHeaders returns a minimal list of headers, that should not do harm.

New

New sets up the cross site scripting circumvention disable headers.

WithHeaders

WithHeaders sets the allowed headers.

WithLogger

WithLogger configures the logger to use.

WithLogLevel

WithLogLevel configures the log level to use with the logger.

WithMethods

WithMethods sets the allowed methods.

WithOrigins

WithOrigins sets the allowed origins.

# Structs

Handler

Handler is a middleware that sets up the cross site scripting circumvention headers.