Adds CORS middleware for dart_frog server applications.


Responds to OPTIONS requests and injects your CORS headers into your Responses.


  1. Install the package:
dart pub add dart_frog_cors
  1. Add the middleware:
import 'package:dart_frog_cors/dart_frog_cors.dart';

Handler middleware(Handler handler) {
  return handler.use(cors());


The default values include:

  • Access-Control-Allow-Origin: *
  • Access-Control-Allow-Methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
  • Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept,Authorization

Overriding defaults

You can easily override the defaults with your own values.

Handler middleware(Handler handler) {
  return handler.use(cors(
    allowOrigin: '',
    allowMethods: 'GET,POST,PUT',

Additional headers

You can also add your own Map<String, String> of headers to be injected using the additional property.

Handler middleware(Handler handler) {
  return handler.use(cors(
    additional: {
      'Some-Key': 'SomeValue',

Additional information

This is not an official dart_frog package.

This package was based on this fabulous CORS example for the shelf server: shelf_helpers