corsMiddleware function
Implementation
Middleware corsMiddleware() {
return (EngineContext ctx, Next next) async {
final config = ctx.engineConfig.security.cors;
if (!config.enabled) {
return next();
}
final requestHeaders = ctx.request.headers;
final requestMethod = ctx.request.method;
final responseHeaders = ctx.response.headers;
final allowed = applyCorsHeaders(
requestHeaders,
requestMethod,
responseHeaders,
config,
);
if (!allowed) {
return ctx.string(
'CORS origin check failed.',
statusCode: HttpStatus.forbidden,
);
}
if (requestMethod == 'OPTIONS') {
return ctx.string('', statusCode: HttpStatus.noContent);
}
return next();
};
}
