🏠 Home
🤖 Github
☕ Donate
💬 Chat
👋 Welcome
API
📦 Fiber
🚀 App
🧠 Context
🧬 Middleware
BasicAuth
Cache
Compress
CORS
CSRF
Encrypt Cookie
ETag
Expvar
Favicon
FileSystem
Limiter
Logger
Monitor
Pprof
Recover
Proxy
RequestID
Session
Skip
Timeout
🌎 Client
Guide
🔌 Routing
🎭 Grouping
📝 Templates
🐛 Error Handling
🔎 Validation
Extra
🤔 FAQ
📊 Benchmarks
🍳 Examples
Powered by GitBook

CORS

CORS middleware for Fiber that that can be used to enable Cross-Origin Resource Sharing with various options.

Table of Contents

Signatures

func New(config ...Config) fiber.Handler

Examples

Import the middleware package that is part of the Fiber web framework

import (
  "github.com/gofiber/fiber/v2"
  "github.com/gofiber/fiber/v2/middleware/cors"
)

After you initiate your Fiber app, you can use the following possibilities:

// Default config
app.Use(cors.New())
// Or extend your config for customization
app.Use(cors.New(cors.Config{
    AllowOrigins: "https://gofiber.io, https://gofiber.net",
    AllowHeaders:  "Origin, Content-Type, Accept",
}))

Config

// Config defines the config for middleware.
type Config struct {
    // Next defines a function to skip this middleware when returned true.
    //
    // Optional. Default: nil
    Next func(c *fiber.Ctx) bool
    // AllowOrigin defines a list of origins that may access the resource.
    //
    // Optional. Default value "*"
    AllowOrigins string
    // AllowMethods defines a list methods allowed when accessing the resource.
    // This is used in response to a preflight request.
    //
    // Optional. Default value "GET,POST,HEAD,PUT,DELETE,PATCH"
    AllowMethods string
    // AllowHeaders defines a list of request headers that can be used when
    // making the actual request. This is in response to a preflight request.
    //
    // Optional. Default value "".
    AllowHeaders string
    // AllowCredentials indicates whether or not the response to the request
    // can be exposed when the credentials flag is true. When used as part of
    // a response to a preflight request, this indicates whether or not the
    // actual request can be made using credentials.
    //
    // Optional. Default value false.
    AllowCredentials bool
    // ExposeHeaders defines a whitelist headers that clients are allowed to
    // access.
    //
    // Optional. Default value "".
    ExposeHeaders string
    // MaxAge indicates how long (in seconds) the results of a preflight request
    // can be cached.
    //
    // Optional. Default value 0.
    MaxAge int
}

Default Config

var ConfigDefault = Config{
    Next:             nil,
    AllowOrigins:     "*",
    AllowMethods:     "GET,POST,HEAD,PUT,DELETE,PATCH",
    AllowHeaders:     "",
    AllowCredentials: false,
    ExposeHeaders:    "",
    MaxAge:           0,
}
Previous
Compress
Next
CSRF
Last updated 5 months ago
Edit on GitHub
Contents
Table of Contents
Signatures
Examples
Config
Default Config