- Description: A Clack middleware to set
CORSrelatedHTTPheaders. - Licence: Unlicense
- Author: Alexander Artemenko [email protected]
- Homepage: https://40ants.com/clack-cors/
- Bug tracker: https://github.com/40ants/clack-cors/issues
- Source control: GIT
- Depends on: alexandria, log4cl, serapeum
You can install this library from Quicklisp, but you want to receive updates quickly, then install it from Ultralisp.org:
(ql-dist:install-dist "https://dist.ultralisp.org/"
:prompt nil)
(ql:quickload :clack-cors)
function clack-cors:make-cors-middleware app &key (allowed-origin *default-allowed-origin*) (allowed-headers *default-allowed-headers*) (allowed-methods *default-allowed-methods*) (error-response *default-error-response*)
Returns a Clack middleware which can be used to override CORS HTTP headers in response.
You can pass arguments ALLOWED-ORIGIN, ALLOWED-HEADERS and ALLOWED-METHODS to override corresponding headers.
If given, these arguments are extend headers, returned by the main application. For example, if main application
already returns Access-Control-Allow-Headers with value Content-Type, then it will be overwritten with
the value Authorization. To implement a smarter logic, pass as an argument a function of two variables - initial
env plist and resulting headers plist. The function should return a string which will be used
to replace a header value.
Also, you can provide a ERROR-RESPONSE argument which will be used as response
in case if original APP returns response other than a list of three items. This argument
should be a list like this:
(list 500
(list :Content-Type "application/json")
(list "{\"code\": -1, \"message\": \"Unhandled error.\"}"))
All arguments can be given as a function of two argument, in this case a function
will be called with Lack's env plist and a plist of headers returned by the main application.
Most useful keys in the env plist are :REQUEST-METHOD and :REQUEST-URI.