CORSMethodMiddleware automatically sets the Access-Control-Allow-Methods response header on requests for routes that have an OPTIONS method matcher to all the method matchers on the route. Routes that do not explicitly handle OPTIONS requests will not be processed by the middleware. See examples for
(r *Router)
| 37 | // the route. Routes that do not explicitly handle OPTIONS requests will not be processed |
| 38 | // by the middleware. See examples for usage. |
| 39 | func CORSMethodMiddleware(r *Router) MiddlewareFunc { |
| 40 | return func(next http.Handler) http.Handler { |
| 41 | return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { |
| 42 | allMethods, err := getAllMethodsForRoute(r, req) |
| 43 | if err == nil { |
| 44 | for _, v := range allMethods { |
| 45 | if v == http.MethodOptions { |
| 46 | w.Header().Set("Access-Control-Allow-Methods", strings.Join(allMethods, ",")) |
| 47 | } |
| 48 | } |
| 49 | } |
| 50 | |
| 51 | next.ServeHTTP(w, req) |
| 52 | }) |
| 53 | } |
| 54 | } |
| 55 | |
| 56 | // getAllMethodsForRoute returns all the methods from method matchers matching a given |
| 57 | // request. |