{"id":16068118,"url":"https://github.com/ged/strelka-cors","last_synced_at":"2025-08-29T05:12:20.350Z","repository":{"id":14538962,"uuid":"17253851","full_name":"ged/strelka-cors","owner":"ged","description":"Cross-Origin Resource Sharing for Strelka applications","archived":false,"fork":false,"pushed_at":"2016-11-04T00:44:57.000Z","size":119,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-05T10:14:17.398Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ged.png","metadata":{"files":{"readme":"README.md","changelog":"History.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-02-27T15:37:32.000Z","updated_at":"2021-11-28T23:49:00.000Z","dependencies_parsed_at":"2022-08-02T23:00:13.754Z","dependency_job_id":null,"html_url":"https://github.com/ged/strelka-cors","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ged/strelka-cors","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ged%2Fstrelka-cors","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ged%2Fstrelka-cors/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ged%2Fstrelka-cors/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ged%2Fstrelka-cors/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ged","download_url":"https://codeload.github.com/ged/strelka-cors/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ged%2Fstrelka-cors/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272632408,"owners_count":24967246,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-29T02:00:10.610Z","response_time":87,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-09T06:08:36.671Z","updated_at":"2025-08-29T05:12:20.300Z","avatar_url":"https://github.com/ged.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# strelka-cors\n\nhome\n: http://deveiate.org/projects/Strelka-CORS\n\ncode\n: http://bitbucket.org/ged/strelka-cors\n\ngithub\n: https://github.com/ged/strelka-cors\n\ndocs\n: http://deveiate.org/code/strelka-cors\n\n\n## Description\n\nThis is a Strelka application plugin for describing rules for [Cross-Origin Resource Sharing (CORS)](http://www.w3.org/TR/cors/).\n\nNOTE: It's still a work in progress.\n\nBy default, the plugin has paranoid defaults, and doesn't do anything. You'll need to grant access to the resources you want to share.\n\nTo grant access, you declare one or more `access_control` blocks which can modify responses to matching access-control requests. All the blocks which match the incoming request's URI are called with the request and response objects in the order in which they're declared: \n\n\t# Allow access to all resources from any origin by default\n\taccess_control do |req, res|\n\t\tres.allow_origin '*'\n\t\tres.allow_methods 'GET', 'POST'\n\t\tres.allow_credentials\n\t\tres.allow_headers :content_type\n\tend\n\n\nThese are applied in the order you declare them, with each matching block passed the request if it matches. This happens before the application gets the request, so it can do any further modification it needs to, and so it can block requests from disallowed origins/methods/etc.\n\nThere are a number of helper methods added to the request and response objects for applying and declaring access-control rules when this plugin is loaded:\n\n\n### `HTTPResponse#allow_origin \u003corigin\u003e+`\n\nThe `origin` parameter specifies a URI that may access the resource by setting the `Access-Control-Allow-Origin` header.\n\n\taccess_control do |req, res|\n\t\tres.allow_origin 'http://acme.com/', 'http://www.acme.com/\n\t\tres.allow_origin( req.origin )\n\t\tres.allow_origin # same as above\n\t\tres.allow_origin '*'\n\tend\n\n\n### `HTTPResponse#expose_headers`\nSpecify a whitelist of headers that browsers are allowed to access by setting the `Access-Control-Expose-Headers` header on responses.\n\n\tresponse.expose_headers :content_type, 'x-custom-header'\n\n\n### `HTTPResponse#access_control_max_age`\n\nSpecify how long the results of a preflight request can be cached by setting the `Access-Control-Max-Age` header.\n\n\n### `HTTPResponse#allow_credentials`\n\nSpecify whether or not a request can be made using credentials by setting the `Access-Control-Allow-Credentials` header on responses.\n\n\n### `HTTPResponse#allow_methods`\n\nSpecifies the method or methods allowed when accessing the resource by setting the `Access-Control-Allow-Methods` header on responses.\n\n\n### `HTTPResponse#allow_headers`\n\nSpecify the HTTP headers that can be used when making a request.\n\n\n\n\n\n### Allow All Simple Requests\n\nIf you just want to allow simple (GET, HEAD, POST) requests to your application\nfrom any origin, you can do it like so:\n\n    require 'strelka/app'\n    \n    class MyApp \u003c Strelka::App\n        plugin :cors\n        allow_origins '*'\n\n        # The rest of your app\n\n    end\n\nThis will add the appropriate header to outgoing responses.\n\n\n## Installation\n\n    gem install strelka-cors\n\n\n## License\n\nCopyright (c) 2015-2016, Michael Granger\nAll rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are met:\n\n* Redistributions of source code must retain the above copyright notice,\n  this list of conditions and the following disclaimer.\n\n* Redistributions in binary form must reproduce the above copyright notice,\n  this list of conditions and the following disclaimer in the documentation\n  and/or other materials provided with the distribution.\n\n* Neither the name of the author/s, nor the names of the project's\n  contributors may be used to endorse or promote products derived from this\n  software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\"\nAND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\nIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE\nFOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\nDAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\nSERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER\nCAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,\nOR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\nOF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fged%2Fstrelka-cors","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fged%2Fstrelka-cors","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fged%2Fstrelka-cors/lists"}