clack-cors
2024-10-12
A Clack middleware to set CORS related HTTP headers.
clack-cors - A Clack middleware to set CORS related HTTP headers.
CLACK-CORS ASDF System Details
- Description: A Clack middleware to set
CORS
relatedHTTP
headers. - Licence: Unlicense
- Author: Alexander Artemenko [email protected]
- Homepage: https://40ants.com/clack-cors/
- Bug tracker: https://github.com/40ants/clack-cors/issues
- Source control: GIT
- Depends on: alexandria, log4cl, serapeum
Installation
You can install this library from Quicklisp, but you want to receive updates quickly, then install it from Ultralisp.org:
(ql-dist:install-dist "http://dist.ultralisp.org/"
:prompt nil)
(ql:quickload :clack-cors)
Usage
function clack-cors:make-cors-middleware
app &key (allowed-origin *default-allowed-origin*) (allowed-headers *default-allowed-headers*) (allowed-methods *default-allowed-methods*) (error-response *default-error-response*)
Returns a Clack middleware which can be used to override CORS
HTTP
headers in response.
You can pass arguments ALLOWED-ORIGIN
, ALLOWED-HEADERS
and ALLOWED-METHODS
to override corresponding headers.
If given, these arguments are extend headers, returned by the main application. For example, if main application
already returns Access-Control-Allow-Headers
with value Content-Type
, then it will be overwritten with
the value Authorization
. To implement a smarter logic, pass as an argument a function of two variables - initial
env
plist and resulting headers plist
. The function should return a string which will be used
to replace a header value.
Also, you can provide a ERROR-RESPONSE
argument which will be used as response
in case if original APP
returns response other than a list of three items. This argument
should be a list like this:
(list 500
(list :Content-Type "application/json")
(list "{\"code\": -1, \"message\": \"Unhandled error.\"}"))
All arguments can be given as a function of two argument, in this case a function
will be called with Lack's env
plist and a plist of headers returned by the main application.
Most useful keys in the env
plist are :REQUEST-METHOD
and :REQUEST-URI
.
variable clack-cors:*default-allowed-origin*
nil
Default value to return as Access-Control-Allow-Origin
HTTP
header.
variable clack-cors:*default-allowed-headers*
nil
Default value to return as Access-Control-Allow-Headers
HTTP
header.
variable clack-cors:*default-allowed-methods*
nil
Default value to return as Access-Control-Allow-Methods
HTTP
header.
variable clack-cors:*default-error-response*
(500 (:CONTENT-TYPE "application/json")
("{"code": -1, "message": "Unhandled error."}"))
Default value to return if main app will not return a list of three items.