Project

manifold

0.01
No commit activity in last 3 years
No release in over 3 years
Rack middleware to enabled CORS
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

>= 3.0.0
 Project Readme

Manifold: Cross Origin Resource Sharing for Public API's

Build Status Gem Version Code Climate Dependency Status

Use this if you don't care about CORS problems and never want to see them again.

Don't use this if you have more complex CORS policies.

Background

CORS is a bitch. It's annoying when you just want to develop your application. You need to GET/POST/PUT/DELETE to some api in a browser but it's stopping you. Drop this rack middleware into your stack and make that it work.

How It Works

  • Handles simple CORS and preflight CORS requests.
  • Access-Control-Accept-Origin: *.
  • Echo's back Access-Control-Request-Method for Access-Control-Allow-Method for preflight requests.
  • Echo's back Access-Control-Request-Headers for Access-Control-Allow-Headers for preflight requests.
  • Makes preflight requests cachcable.
  • Configurable options for Access-Control-Expose-Headers.
  • Configurable options for Access-Control-Accept-Headers.
  • Add Access-Control-Accept-Origin: * to simple requests.

Preflight Requests

CORS preflight requests are sent as OPTIONS requests to whatever URL the request will made to. Browsers add Access-Control-Request-Method and Access-Control-Request-Headersto these requests. The middleware short circuit these reqeusts to return the CORS response. So be warned: If your application accepts OPTIONS for routing then you should not use this code.

Installation

Add this line to your application's Gemfile:

gem 'manifold'

And then execute:

$ bundle

Or install it yourself as:

$ gem install manifold

Usage

# config.ru
require 'manifold'

Manifold.expose += %w(X-Custom-Header)

use Manifold::Middleware
run MyApp

Rails

Manifold integrates cleanly with Rails. It inserts it's middleware at the top of the stack and exposes it's configuration through Rails.config. Manifold also add exposes headers added by Rails for CORS.

# application.rb
config.manifold.accept += %w(X-Custom-Input-Header) # add custom headers you need
config.manifold.expose += %(X-Custom-Output-Header)

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Added some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request