Skip to content

connectrpc/cors-go

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

cors

Build Report Card GoDoc Slack

connectrpc.com/cors simplifies Cross-Origin Resource Sharing (CORS) for Connect servers. CORS is usually required for the Connect and gRPC-Web protocols to work correctly in web browsers.

For background, more details, and best practices, see Connect's CORS documentation. For more on Connect, see the announcement blog post, the documentation on connectrpc.com (especially the Getting Started guide for Go), the demo service, or the protocol specification.

Example

This package should work with any CORS implementation. As an example, we'll use it with github.com/rs/cors.

import (
  connectcors "connectrpc.com/cors"
  "github.com/rs/cors"
)

// withCORS adds CORS support to a Connect HTTP handler.
func withCORS(connectHandler http.Handler) http.Handler {
  c := cors.New(cors.Options{
    AllowedOrigins: []string{"https://acme.com"}, // replace with your domain
    AllowedMethods: connectcors.AllowedMethods(),
    AllowedHeaders: connectcors.AllowedHeaders(),
    ExposedHeaders: connectcors.ExposedHeaders(),
    MaxAge: 7200, // 2 hours in seconds
  })
  return c.Handler(connectHandler)
}

Ecosystem

Status: Unstable

This module isn't stable yet, but it's fairly small — we expect to reach a stable release quickly.

It supports the three most recent major releases of Go. Keep in mind that only the last two releases receive security patches.

Within those parameters, cors follows semantic versioning. We will not make breaking changes in the 1.x series of releases.

Legal

Offered under the Apache 2 license.