Masonite Documentation
Masonite Repository
Search…
v4.0
Introduction and Installation
Prologue
Creating A Blog Tutorial
Release Cycle
Contributing Guide
How To Contribute
The Basics
Routing
Controllers
Middleware
Response
Request
Static Files
Views
Environments
Configuration
Error Handling
Features
API Development
Authentication
Authorization
Broadcasting
Caching
Compiling Assets
Commands
CSRF Protection
Events
Facades
Filesystem and Uploading
Hash ID's
Helpers
Mail
Notifications
Package Development
Queues and Jobs
Rate Limiting
Sessions
Task Scheduling
Tinker Shell (REPL)
Validation
Architecture
Service Providers
Service Container
Security
CORS
Masonite ORM
To Masonite ORM Docs
Testing
Getting Started
HTTP Tests
Database Tests
Commands Tests
Console Tests
Mocking
Extending
Official Packages
Masonite Debugbar
How-to Guides
Build Email Verification from Scratch With Masonite Framework and JSON Web Tokens
Deploying a Masonite Application to Heroku
How To Deploy Masonite to PythonAnywhere
How-To: Use RabbitMQ with Masonite 2.0 queues
How To Use The Repository Pattern with Masonite
Making Masonite and Laravel Mix work together
What's New
Masonite 1.3
Masonite 1.4
Masonite 1.5
Masonite 1.6
Masonite 2.0
Masonite 2.1
Masonite 2.2
Masonite 2.3
Masonite 3.0
Upgrade Guide
Masonite 1.3 to 1.4
Masonite 1.4 to 1.5
Masonite 1.5 to 1.6
Masonite 1.6 to 2.0
Masonite 2.0 to 2.1
Masonite 2.1 to 2.2
Masonite 2.2 to 2.3
Masonite 2.3 to 3.0
Masonite 3.0 to 4.0
Powered By GitBook
CORS
CORS is sometimes important to activate in your application. CORS allows you to have a stronger layer of security over your application by specifying specific CORS headers in your responses. This is done through "preflight" requests.
These "preflight" requests are OPTIONS requests that are sent at the same time as other non safe requests (POST, PUT, DELETE) an specifically designed to verify the CORS headers before allowing the other request to go through.
If your application receives a preflight requests without having CORS enabled then you will get an error in the response.

Getting Started

To enable cors in Masonite, we simply need to create a CORSMiddleware file inside your project, inherit from Masonite's class, set your headers and add it to the HTTP middleware inside your Kernel.
So first create your middleware class wherever you put your middleware. Here's an example class:
from masonite.middleware import Middleware
from masonite.middleware.route import CorsMiddleware
​
class CorsMiddleware(CorsMiddleware):
​
headers = {
'Access-Control-Allow-Origin': "*",
"Access-Control-Allow-Methods": "DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT",
"Access-Control-Allow-Headers": "Content-Type, Accept, X-Requested-With",
"Access-Control-Max-Age": "3600",
"Access-Control-Allow-Credentials": "true"
}
You may add any valid CORS header. You can learn more about CORS headers in the Mozilla Documentation.
Once created you can add it to your http_middleware key in your Kernel.py class.
It is best to put the CORS middleware as the first middleware to prevent possible errors.
from app.middleware.CorsMiddleware import CorsMiddleware
​
#..
class Kernel:
​
http_middleware = [
CorsMiddleware,
EncryptCookies
]
#..
Your application will now allow CORS requests to successfully go through.
Architecture - Previous
Service Container
Next - Testing
Getting Started
Last modified 3mo ago
Export as PDF
Copy link