[][src]Type Definition rocket_cors::AllowedOrigins

type AllowedOrigins = AllOrSome<Origins>;

A list of allowed origins. Either Some origins are allowed, or all origins are allowed.

Exact matches are matched exactly with the ASCII Serialization of the origin.

Regular expressions are tested for matches against the ASCII Serialization of the origin.

Opaque Origins

The specification defines an Opaque Origin as one that cannot be recreated. You can refer to the source code for the url::Url::origin method to see how an Opaque Origin is determined. Examples of Opaque origins might include schemes like file:// or Browser specific schemes like "moz-extension:// or chrome-extension://.

Opaque Origins cannot be matched exactly. You must use Regex to match Opaque Origins. If you attempt to create Cors from CorsOptions, you will get an error.

Warning about Regex expressions

By default, regex expressions are unanchored.

This means that if the regex does not start with ^ or \A, or end with $ or \z, then it is permitted to match anywhere in the text. You are encouraged to use the anchors when crafting your Regex expressions.

Examples

use rocket_cors::AllowedOrigins;

let exact = ["https://www.acme.com"];
let regex = ["^https://(.+).acme.com$"];

let all_origins = AllowedOrigins::all();
let some_origins = AllowedOrigins::some_exact(&exact);
let null_origins = AllowedOrigins::some_null();
let regex_origins = AllowedOrigins::some_regex(&regex);
let mixed_origins = AllowedOrigins::some(&exact, &regex);

Methods

impl AllowedOrigins[src]

pub fn some<'a, 'b, S1: AsRef<str>, S2: AsRef<str>>(
    exact: &'a [S1],
    regex: &'b [S2]
) -> Self
[src]

Allows some origins, with a mix of exact matches or regex matches

Validation is not performed at this stage, but at a later stage.

Exact matches are matched exactly with the ASCII Serialization of the origin.

Regular expressions are tested for matches against the ASCII Serialization of the origin.

Opaque Origins

The specification defines an Opaque Origin as one that cannot be recreated. You can refer to the source code for the url::Url::origin method to see how an Opaque Origin is determined. Examples of Opaque origins might include schemes like file:// or Browser specific schemes like "moz-extension:// or chrome-extension://.

Opaque Origins cannot be matched exactly. You must use Regex to match Opaque Origins. If you attempt to create Cors from CorsOptions, you will get an error.

Warning about Regex expressions

By default, regex expressions are unanchored.

This means that if the regex does not start with ^ or \A, or end with $ or \z, then it is permitted to match anywhere in the text. You are encouraged to use the anchors when crafting your Regex expressions.

pub fn some_exact<S: AsRef<str>>(exact: &[S]) -> Self[src]

Allows some exact origins

Validation is not performed at this stage, but at a later stage.

Exact matches are matched exactly with the ASCII Serialization of the origin.

Opaque Origins

The specification defines an Opaque Origin as one that cannot be recreated. You can refer to the source code for the url::Url::origin method to see how an Opaque Origin is determined. Examples of Opaque origins might include schemes like file:// or Browser specific schemes like "moz-extension:// or chrome-extension://.

pub fn some_regex<S: AsRef<str>>(regex: &[S]) -> Self[src]

Allow some regular expression origins

Validation is not performed at this stage, but at a later stage.

Regular expressions are tested for matches against the ASCII Serialization of the origin.

Warning about Regex expressions

By default, regex expressions are unanchored.

This means that if the regex does not start with ^ or \A, or end with $ or \z, then it is permitted to match anywhere in the text. You are encouraged to use the anchors when crafting your Regex expressions.

pub fn some_null() -> Self[src]

Allow some null origins

pub fn all() -> Self[src]

Allows all origins