philiprehberger-cors

CORS middleware with origin validation and preflight handling

Requirements

Ruby >= 3.1

Installation

Add to your Gemfile:

gem "philiprehberger-cors"

Or install directly:

gem install philiprehberger-cors

Usage

require "philiprehberger/cors"

use Philiprehberger::Cors::Middleware,
  origins: ['https://example.com'],
  methods: %w[GET POST PUT DELETE],
  headers: %w[Content-Type Authorization],
  credentials: true,
  max_age: 86_400

Wildcard Origins

use Philiprehberger::Cors::Middleware, origins: '*'

Multiple Origins

use Philiprehberger::Cors::Middleware,
  origins: ['https://app.example.com', 'https://admin.example.com']

With Credentials

use Philiprehberger::Cors::Middleware,
  origins: ['https://app.example.com'],
  credentials: true

API

`Cors::Middleware`

Method	Description
`.new(app, origins:, methods:, headers:, credentials:, max_age:)`	Create CORS middleware

Options

Option	Default	Description
`origins`	`'*'`	Allowed origins (string or array)
`methods`	`GET POST PUT PATCH DELETE HEAD OPTIONS`	Allowed HTTP methods
`headers`	`Content-Type Accept Authorization`	Allowed request headers
`credentials`	`false`	Allow credentials
`max_age`	`86400`	Preflight cache duration in seconds

Development

bundle install
bundle exec rspec
bundle exec rubocop

Support

If you find this project useful:

⭐ Star the repo

🐛 Report issues

💡 Suggest features

❤️ Sponsor development

🌐 All Open Source Projects

💻 GitHub Profile

🔗 LinkedIn Profile

License

MIT