cors_plug
cors_plug copied to clipboard
mschae
An Elixir Plug to add CORS.
Hey, I have a bit strange case for me. E.g. I can not override the settings with Application config. As far as I see it happens because the init function...
This is pretty close to a feature request, but it looks like the right place for it and I'm willing to do much of the work. Is there any interest...
Do you think if it's necessary to do check the request's origin against the configuration on [OPTIONS request](https://github.com/mschae/cors_plug/blob/5dfdbb77be6a0b0eabed376a58ff88f9ee51dace/lib/cors_plug.ex#L53)?
It is possible to pass a list with wildcard domain as valid origins? ```elixir config :cors_plug, origin: ["https://*.example.com", "http://*.example.com"] ```
endpoint.ex : ``` import AppName.ConfigHelpers ... plug CORSPlug, origin: cors_origins(), headers: cors_headers() ``` Inside ConfigHelpers : ``` def cors_origins() do if System.get_env("ENV") == "production" do [@origin_regex, "https://other.com"] else ["*"] end...
any plans to support preflight options like Access-Control-Allow-Private-Network
List of changes: - bump actions/checkout to v4 - bump deps, see https://hex.pm/l/PKT1e - mix format - refactor CI to run jobs at min/max Erlang/OTP and Elixir
Use a different function name instead. Conn struct can be used further in origin detection when [fun with arity one](https://hexdocs.pm/cors_plug/readme.html#using-a-function-0-or-function-1-that-returns-the-allowed-origin-as-a-string) is passed.
Hey there, I'm not sure of the status of your plug here, hopefully you're still around. Thanks for your time on this library. I ran into a small issue with...
I've come across a minor issue in origin checks - it's probably not exploitable in the wild, but I cannot be sure of that. Should I report that here, or...
