Comments (4)
@hojgr Thanks for your kind words.
As for the behaviour you are seeing - that's expected and by design. Defaults are defaults, by providing your own values overrides the defaults. This is standard in every package I've seen.
My reasoning is that you might want only allow a subset of the default headers. Maybe you explicitly don't want to allow Content-Type
headers. Furthermore I like the "explicitness" of this solution. I am using it myself.
The only thing I could think of is to provide a key similar to additional_headers:
. But I don't believe that would be very intuitive.
So while this might be a small consolation, maybe it's a tad nicer if you left out the parens:
plug CORSPlug, [
origin: "http://localhost:4200",
headers: ["X-Auth-Token" | CORSPlug.defaults[:headers]]
]
Any further feedback and ideas are very welcome!
from cors_plug.
Thanks for answers. The explicitness is indeed nice and I did not think about the use case where not having defaults is required.
Thanks.
from cors_plug.
Glad I could help.
Thanks again for your feedback and please let me know if there is anything I can improve on.
Cheers
from cors_plug.
It doesn't work
https://stackoverflow.com/questions/36713069/elixir-phoenix-how-to-use-third-party-modules-in-config-files
from cors_plug.
Related Issues (20)
- Origin validation on OPTIONS HOT 3
- No CORS headers embedded in Plug.ErrorHandler code path HOT 2
- General CORS library HOT 3
- Options Requests without `Access-Control-Request-Method` should not be halted
- Unreachable code? HOT 2
- Support Plug 1.7 dependency HOT 1
- "Access-Control-Allow-Origin" is null when using regex for origin? HOT 3
- Configuration not working with Elixir 1.9 releases HOT 3
- Regex from string HOT 1
- FunctionClauseError when origin option is a list containing a regex HOT 1
- Regex isn't working on preflight request HOT 5
- A way to enable logging - difficult to configure HOT 3
- CORS Header empty HOT 2
- Looks like init function is called during the compile time HOT 1
- Access-Control-Allow-Credentials should not be included if set to false
- Headers cannot be set dynamically
- Minor security issue with origin checks
- Using config.ex does not work HOT 1
- default config of origin: * and credentials: true seems invalid?
- cors-rfc1918
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cors_plug.