Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I configure actix-web to accept CORS requests from any origin?

I am building a REST API with actix-web. How do I configure CORS to accept requests from any origin?

Cors::new() // <- Construct CORS middleware builder
    .allowed_origin("localhost:8081")
    .allowed_methods(vec!["GET", "POST"])
    .allowed_headers(vec![http::header::AUTHORIZATION, http::header::ACCEPT])
    .allowed_header(http::header::CONTENT_TYPE)
    .max_age(3600)

The above code works from the web at localhost:8081, but not from 0.0.0.0:8081 or 127.0.0.1:8081. I tried "*" to allow all, but it's not working. How do I allow all, or at least allow a specific origin and then pass multiple URLs?

like image 592
Bopsi Avatar asked Dec 16 '19 07:12

Bopsi


2 Answers

By default All origins is allowed

This is my simple CORS setup (allow all origins and methods + allow send credentials)

Cors::new().supports_credentials() 

You can start with it, and disallow methods, origins and headers step-by-step.

like image 148
estin Avatar answered Nov 06 '22 12:11

estin


Starting from actix-cors = "0.5.0", you can use:

Cors::permissive()

However, they recommend against using it in production: https://docs.rs/actix-cors/latest/actix_cors/struct.Cors.html#method.permissive

like image 4
Danny Sullivan Avatar answered Nov 06 '22 13:11

Danny Sullivan