NAME
Plack::Middleware::CrossOrigin - Adds headers to allow Cross-Origin Resource Sharing
VERSION
version 0.004
SYNOPSIS
# Allow any WebDAV or standard HTTP request from any location.
builder {
enable 'CrossOrigin', origins => '*';
$app;
};
# Allow GET and POST requests from any location, cache results for 30 days.
builder {
enable 'CrossOrigin',
origins => '*', methods => ['GET', 'POST'], max_age => 60*60*24*30;
$app;
};DESCRIPTION
Adds Cross Origin Request Sharing headers used by modern browsers to allow XMLHttpRequests across domains.
CONFIGURATION
- origins
-
A list of allowed origins. Origins should be formatted as a URL scheme and host. (
http://www.example.com) '*' can be specified to allow access from any location. Must be specified for this middleware to have any effect. - headers
-
A list of allowed headers. '*' can be specified to allow any headers. Includes a set of headers by default to simplify working with WebDAV and AJAX frameworks:
Cache-ControlDepthIf-Modified-SinceUser-AgentX-File-NameX-File-SizeX-Prototype-VersionX-Requested-With
- methods
-
A list of allowed methods. '*' can be specified to allow any methods. Defaults to all of the standard HTTP and WebDAV methods.
- max_age
-
The max length in seconds to cache the response data for. If not specified, the web browser will decide how long to use.
- expose_headers
-
A list of allowed headers to expose to the client. '*' can be specified to allow the browser to see all of the response headers.
- credentials
-
Whether the resource will be allowed with user credentials supplied.
SEE ALSO
AUTHOR
Graham Knop <haarg@haarg.org>
COPYRIGHT AND LICENSE
This software is copyright (c) 2010 by Graham Knop.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.