Skip to contents

Configure Cross-Origin Resource Sharing (CORS)

Source: R/payload.R
payload_cors_config.Rd

Configure Cross-Origin Resource Sharing (CORS)

Usage

payload_cors_config(
  enabled = FALSE,
  origins = "*",
  methods = c("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"),
  headers = c("Content-Type", "Authorization", "X-Requested-With", "X-Request-ID"),
  credentials = FALSE,
  max_age = 86400
)

Arguments

enabled

Enable or disable CORS (default FALSE)

origins

Allowed origins. Use "*" for any origin, or provide a character vector of specific domains (default "*")

methods

HTTP methods to allow (default includes common methods)

headers

Headers to allow in requests (default includes common headers)

credentials

Allow credentials in cross-origin requests (default FALSE)

max_age

Maximum time (in seconds) browsers should cache preflight results (default 86400 = 24 hours)

Value

Invisibly returns TRUE, called for side effects

Examples

if (interactive()) {
  # Enable CORS for all origins
  payload_cors_config(enabled = TRUE)

  # Restrict to specific origins
  payload_cors_config(
    enabled = TRUE,
    origins = c("https://myapp.com", "https://staging.myapp.com"),
    credentials = TRUE
  )

  # Disable CORS
  payload_cors_config(enabled = FALSE)
}