Skip to content

Commit

Permalink
Merge pull request #2 from marcenuc/patch-1
Browse files Browse the repository at this point in the history
Example of wai-cors configuration
  • Loading branch information
snoyberg committed Dec 3, 2015
2 parents ce537b1 + 3fa311c commit 14c1ba4
Showing 1 changed file with 24 additions and 4 deletions.
Original file line number Diff line number Diff line change
@@ -1,7 +1,27 @@
# Update
There's now some middleware available on hackage to help with CORS: http://hackage.haskell.org/package/wai-cors-0.1.1
# CORS configuration

***
## Using `wai-cors` package

There's now some middleware available on hackage to help with CORS: https://hackage.haskell.org/package/wai-cors

The quick start for it, in a scaffolded yesod app, is:

1. `stack install wai-cors`;
2. add `wai-cors` as `build-depends` in PROJECTNAME.cabal;
3. add `import Network.Wai.Middleware.Cors` in `Application.hs`;
4. add `simpleCors` as middleware in `makeApplication` in `Application.hs`.

For example:

```haskell
makeApplication foundation = do
logWare <- makeLogWare foundation
-- Create the WAI application and apply middlewares
appPlain <- toWaiAppPlain foundation
return $ logWare $ defaultMiddlewaresNoLogging $ simpleCors appPlain
```

## Using a custom middleware

> [WOFF fonts](https://en.wikipedia.org/wiki/WOFF) may not be accessed from [other domains by default](https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS). That means that your page at `http://www.example.com/` may not access a font `http://static.example.com/font.woff`. The solution is to add a CORS header to the WOFF font allowing it to be used from other domains.
Expand All @@ -22,4 +42,4 @@ There's now some middleware available on hackage to help with CORS: http://hacka
> | otherwise = headers
> where woff = lookup HT.hContentType headers == Just "application/font-woff"
> cors = ("Access-Control-Allow-Origin", "*")
> ```
> ```

0 comments on commit 14c1ba4

Please sign in to comment.