🐘
pREST
  • pRESTd
    • Who uses pREST
    • pRESTd Key Features
    • Contributing to pRESTd
    • pREST in the Media
    • Code of Conduct
    • Code of Ethics
  • Get pREST
    • Development Guide
    • Start with Docker
    • Start with Golang
    • Start with Homebrew
  • Get Started
    • Configuring pREST
    • CORS Support
    • Cache
    • Migrating
    • Permissions
  • API Reference
    • Custom Queries
    • Auth
    • Parameters
    • Advanced Queries
  • Deployment
    • Deploying with Docker
    • Deploy in Heroku
  • Plugins
    • Middleware Plugin
    • Endpoint Plugin
  • Integrations
    • Amazon Redshift
    • TimescaleDB
    • YugabyteDB
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
  1. Get Started

CORS Support

PreviousConfiguring pRESTNextCache

Was this helpful?

is an HTTP-header based mechanism that allows a server to indicate any origins (domain, scheme, or port) other than its own from which a browser should permit loading resources. CORS also relies on a mechanism by which browsers make a "preflight" request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request.

There are two settings to be made for releasing CORS (Cross-Origin Resource Sharing) in pretsd, source and method.

In the prest.toml you can configure the CORS allowed origin.

Example:

[cors]
alloworigin = ["https://prestd.com", "http://foo.com"]
allowheaders = ["Content-Type"]
allowmethods = ["GET", "DELETE", "POST", "PUT", "PATCH", "OPTIONS"]

if you want to release all origins just use asterisk * as the org item, thus: alloworigin = ["*"]

Cross-Origin Resource Sharing (CORS)