object CORS
Implements the CORS protocol. The actual middleware is a CORSPolicy, which can be obtained via #policy.
- Source
- CORS.scala
- See also
- Alphabetic
- By Inheritance
- CORS
- AnyRef
- Any
- Hide All
- Show All
- Public
- All
Value Members
-
final
def
!=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
final
def
##(): Int
- Definition Classes
- AnyRef → Any
-
final
def
==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
final
def
asInstanceOf[T0]: T0
- Definition Classes
- Any
-
def
clone(): AnyRef
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws( ... ) @native()
-
final
def
eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
def
equals(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
def
finalize(): Unit
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws( classOf[java.lang.Throwable] )
-
final
def
getClass(): Class[_]
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
def
hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
final
def
isInstanceOf[T0]: Boolean
- Definition Classes
- Any
-
final
def
ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
final
def
notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
-
final
def
notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
-
val
policy: CORSPolicy
The default CORS policy: - Sends
Access-Control-Allow-Origin: *
- Sends noAccess-Control-Allow-Credentials
- Sends noAccess-Control-Expose-Headers
- SendsAccess-Control-Allow-Methods: GET, HEAD, POST
- Reflects request'sAccess-Control-Request-Headers
asAccess-Control-Allow-Headers
- Sends noAccess-Control-Max-Age
-
final
def
synchronized[T0](arg0: ⇒ T0): T0
- Definition Classes
- AnyRef
-
def
toString(): String
- Definition Classes
- AnyRef → Any
-
final
def
wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... ) @native()
Deprecated Value Members
-
def
DefaultCORSConfig: CORSConfig
- Annotations
- @deprecated
- Deprecated
(Since version 0.21.27) The default
CORSConfig
is insecure. See https://github.com/http4s/http4s/security/advisories/GHSA-52cf-226f-rhr6.
-
def
apply[F[_], G[_]](http: Http[F, G], config: CORSConfig = CORSConfig.default)(implicit F: Applicative[F]): Http[F, G]
CORS middleware This middleware provides clients with CORS information based on information in CORS config.
CORS middleware This middleware provides clients with CORS information based on information in CORS config. Currently, you cannot make permissions depend on request details
- Annotations
- @deprecated @nowarn()
- Deprecated
(Since version 0.21.27) Depends on a deficient
CORSConfig
. See https://github.com/http4s/http4s/security/advisories/GHSA-52cf-226f-rhr6. If config.anyOrigin is true and config.allowCredentials is true, then theAccess-Control-Allow-Credentials
header will be suppressed starting with 0.22.3.
-
val
defaultVaryHeader: Raw
- Annotations
- @deprecated
- Deprecated
(Since version 0.21.27) Not the actual default CORS Vary heder, and will be removed from the public API.
-
def
httpApp[F[_]](httpApp: HttpApp[F])(implicit arg0: Applicative[F]): HttpApp[F]
- Annotations
- @deprecated
- Deprecated
(Since version 0.21.27) Hardcoded to an insecure config. See https://github.com/http4s/http4s/security/advisories/GHSA-52cf-226f-rhr6.
-
def
httpRoutes[F[_]](httpRoutes: HttpRoutes[F])(implicit arg0: Monad[F]): HttpRoutes[F]
- Annotations
- @deprecated
- Deprecated
(Since version 0.21.27) Hardcoded to an insecure config. See https://github.com/http4s/http4s/security/advisories/GHSA-52cf-226f-rhr6.