cors/README.md

# CORS gin's middleware

[![Build Status](https://travis-ci.org/gin-contrib/cors.svg)](https://travis-ci.org/gin-contrib/cors)
[![codecov](https://codecov.io/gh/gin-contrib/cors/branch/master/graph/badge.svg)](https://codecov.io/gh/gin-contrib/cors)
[![Go Report Card](https://goreportcard.com/badge/github.com/gin-contrib/cors)](https://goreportcard.com/report/github.com/gin-contrib/cors)
[![GoDoc](https://godoc.org/github.com/gin-contrib/cors?status.svg)](https://godoc.org/github.com/gin-contrib/cors)
[![Join the chat at https://gitter.im/gin-gonic/gin](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/gin-gonic/gin)

Gin middleware/handler to enable CORS support.

## Usage

### Start using it

Download and install it:

```sh
$ go get github.com/gin-contrib/cors
```

Import it in your code:

```go
import "github.com/gin-contrib/cors"
```

### Canonical example:

```go
package main

import (
	"time"

	"github.com/gin-contrib/cors"
	"github.com/gin-gonic/gin"
)

func main() {
	router := gin.Default()
	// CORS for https://foo.com and https://github.com origins, allowing:
	// - PUT and PATCH methods
	// - Origin header
	// - Credentials share
	// - Preflight requests cached for 12 hours
	router.Use(cors.New(cors.Config{
		AllowOrigins:     []string{"https://foo.com"},
		AllowMethods:     []string{"PUT", "PATCH"},
		AllowHeaders:     []string{"Origin"},
		ExposeHeaders:    []string{"Content-Length"},
		AllowCredentials: true,
		AllowOriginFunc: func(origin string) bool {
			return origin == "https://github.com"
		},
		MaxAge: 12 * time.Hour,
	}))
	router.Run()
}
```

### Using DefaultConfig as start point

```go
func main() {
	router := gin.Default()
	// - No origin allowed by default
	// - GET,POST, PUT, HEAD methods
	// - Credentials share disabled
	// - Preflight requests cached for 12 hours
	config := cors.DefaultConfig()
	config.AllowOrigins = []string{"http://google.com"}
	config.AddAllowOrigins("http://facebook.com")
	// config.AllowOrigins == []string{"http://google.com", "http://facebook.com"}

	router.Use(cors.New(config))
	router.Run()
}
```

### Default() allows all origins

```go
func main() {
	router := gin.Default()
	// same as
	// config := cors.DefaultConfig()
	// config.AllowAllOrigins = true
	// router.Use(cors.New(config))
	router.Use(cors.Default())
	router.Run()
}
```
Adds some documentation and README 2015-11-12 15:14:49 +01:00			`# CORS gin's middleware`
update readme. Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-19 14:51:59 +02:00
			`[![Build Status](https://travis-ci.org/gin-contrib/cors.svg)](https://travis-ci.org/gin-contrib/cors)`
			`[![codecov](https://codecov.io/gh/gin-contrib/cors/branch/master/graph/badge.svg)](https://codecov.io/gh/gin-contrib/cors)`
			`[![Go Report Card](https://goreportcard.com/badge/github.com/gin-contrib/cors)](https://goreportcard.com/report/github.com/gin-contrib/cors)`
			`[![GoDoc](https://godoc.org/github.com/gin-contrib/cors?status.svg)](https://godoc.org/github.com/gin-contrib/cors)`
[ci skip] update gin gitter link. Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-12-01 09:50:15 +01:00			`[![Join the chat at https://gitter.im/gin-gonic/gin](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/gin-gonic/gin)`
update readme. Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-19 14:51:59 +02:00
Adds some documentation and README 2015-11-12 15:14:49 +01:00			`Gin middleware/handler to enable CORS support.`

			`## Usage`

update readme for relase v1.0 Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-31 09:19:39 +01:00			`### Start using it`

[ci skip] update readme Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-11-09 07:27:26 +01:00			`Download and install it:`
update readme for relase v1.0 Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-31 09:19:39 +01:00
			```sh
Unify ‘github.com’ wording with code. (#26) 2017-06-27 18:18:33 +02:00			`$ go get github.com/gin-contrib/cors`
update readme for relase v1.0 Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-31 09:19:39 +01:00			```

[ci skip] update readme Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-11-09 07:27:26 +01:00			`Import it in your code:`
update readme for relase v1.0 Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-31 09:19:39 +01:00
			```go
Unify ‘github.com’ wording with code. (#26) 2017-06-27 18:18:33 +02:00			`import "github.com/gin-contrib/cors"`
update readme for relase v1.0 Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-31 09:19:39 +01:00			```

update readme. Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-19 14:51:59 +02:00			`### Canonical example:`
Adds some documentation and README 2015-11-12 15:14:49 +01:00
			```go
			`package main`

			`import (`
			`"time"`

Unify ‘github.com’ wording with code. (#26) 2017-06-27 18:18:33 +02:00			`"github.com/gin-contrib/cors"`
fix: revert gin link. (#20) 2017-03-18 13:45:46 +01:00			`"github.com/gin-gonic/gin"`
Adds some documentation and README 2015-11-12 15:14:49 +01:00			`)`

			`func main() {`
			`router := gin.Default()`
			`// CORS for https://foo.com and https://github.com origins, allowing:`
			`// - PUT and PATCH methods`
			`// - Origin header`
			`// - Credentials share`
			`// - Preflight requests cached for 12 hours`
			`router.Use(cors.New(cors.Config{`
			`AllowOrigins: []string{"https://foo.com"},`
			`AllowMethods: []string{"PUT", "PATCH"},`
			`AllowHeaders: []string{"Origin"},`
			`ExposeHeaders: []string{"Content-Length"},`
			`AllowCredentials: true,`
			`AllowOriginFunc: func(origin string) bool {`
			`return origin == "https://github.com"`
			`},`
			`MaxAge: 12 * time.Hour,`
			`}))`
			`router.Run()`
			`}`
			```

update readme. Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-19 14:51:59 +02:00			`### Using DefaultConfig as start point`
Adds some documentation and README 2015-11-12 15:14:49 +01:00
			```go
			`func main() {`
update readme. Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-19 14:51:59 +02:00			`router := gin.Default()`
			`// - No origin allowed by default`
			`// - GET,POST, PUT, HEAD methods`
			`// - Credentials share disabled`
			`// - Preflight requests cached for 12 hours`
			`config := cors.DefaultConfig()`
			`config.AllowOrigins = []string{"http://google.com"}`
			`config.AddAllowOrigins("http://facebook.com")`
			`// config.AllowOrigins == []string{"http://google.com", "http://facebook.com"}`
Adds some documentation and README 2015-11-12 15:14:49 +01:00
update readme. Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-19 14:51:59 +02:00			`router.Use(cors.New(config))`
			`router.Run()`
Adds some documentation and README 2015-11-12 15:14:49 +01:00			`}`
			```

update readme. Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-19 14:51:59 +02:00			`### Default() allows all origins`
Adds some documentation and README 2015-11-12 15:14:49 +01:00
			```go
Improves unit tests 2015-11-12 15:19:58 +01:00			`func main() {`
update readme. Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> 2016-10-19 14:51:59 +02:00			`router := gin.Default()`
			`// same as`
			`// config := cors.DefaultConfig()`
			`// config.AllowAllOrigins = true`
			`// router.Use(cors.New(config))`
			`router.Use(cors.Default())`
			`router.Run()`
Improves unit tests 2015-11-12 15:19:58 +01:00			`}`
Adds some documentation and README 2015-11-12 15:14:49 +01:00			```