2025-02-22 20:52:27 +00:00 · 2020-05-17 01:41:58 +02:00 · 2020-05-17 01:41:58 +02:00 · b39b30694e
commit b39b30694e
parent 955715eea6
1 changed files with 37 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -167,6 +167,42 @@ fn main() {
 }
 ```

+### CORS Feature
+
+The cors feature allows an easy usage of this web server from other origins. By default, only
+the `Access-Control-Allow-Methods` header is touched. To change the behaviour, add your desired
+configuration as a middleware.
+
+A simple example that allows authentication from every origin (note that `*` always disallows
+authentication), and every content type, could look like this:
+
+```rust
+#[derive(Resource)]
+#[resource(read_all)]
+struct FooResource;
+
+#[read_all(FooResource)]
+fn read_all() {
+	// your handler
+}
+
+fn main() {
+	let cors = CorsConfig {
+		origin: Origin::Copy,
+		headers: vec![CONTENT_TYPE],
+		max_age: 0,
+		credentials: true
+	};
+	let (chain, pipelines) = single_pipeline(new_pipeline().add(cors).build());
+	gotham::start("127.0.0.1:8080", build_router(chain, pipelines, |route| {
+		route.resource::<FooResource>("foo");
+	}));
+}
+```
+
+The cors feature can also be used for non-resource handlers. Take a look at [`CorsRoute`]
+for an example.
+
 ### Database Feature

 The database feature allows an easy integration of [diesel] into your handler functions. Please
@ -221,6 +257,7 @@ Licensed under your option of:
 [example]: https://gitlab.com/msrd0/gotham-restful/tree/master/example
 [gotham]: https://gotham.rs/
 [serde_json]: https://github.com/serde-rs/json#serde-json----
+ [`CorsRoute`]: trait.CorsRoute.html
 [`QueryStringExtractor`]: ../gotham/extractor/trait.QueryStringExtractor.html
 [`RequestBody`]: trait.RequestBody.html
 [`State`]: ../gotham/state/struct.State.html