DEV Community

Werner Echezuría
Werner Echezuría

Posted on

Practical Rust Web Development - Cors

In order to make our lives easier and move on to the series, let's make a statement, our API will be public, anyone can connect to us through a token, so, this means we should modify the way we handle Cors, allowing all accesses.

We need to modify our main file to handle all requests in our cors configuration.

src/main.rs:

            cors::Cors::new()
                .send_wildcard()
                .allowed_methods(vec!["GET", "POST", "PUT", "DELETE"])
                .allowed_headers(vec![header::AUTHORIZATION,
                                      header::CONTENT_TYPE,
                                      header::ACCEPT,
                                      csrf_token_header.clone()])
                .expose_headers(vec![csrf_token_header.clone()])
                .max_age(3600)

Reference in source code

Top comments (0)