Swiftpack.co - Package - IBM-Swift/Kitura-CORS


Docs Build Status - Master macOS Linux Apache 2 Slack Status


Kitura CORS middleware


Kitura CORS middleware.

Swift version

The latest version of Kitura-CORS requires Swift 4.1.2. You can download this version of the Swift binaries by following this link. Compatibility with other Swift versions is not guaranteed.


To create an instance of Kitura-CORS middleware use:

public init(options : Options)

where possible Options are:

  • allowedOrigin - an enum that configures the Access-Control-Allow-Origin CORS server response header. Possible values:
    • all - all origins are allowed. Access-Control-Allow-Origin will be set to *. This is the default.
    • set - a set of allowed origins.
    • origin - single allowed origin.
    • regex - a regular expression that defines allowed origins.
  • credentials - a boolean value that configures the Access-Control-Allow-Credentials CORS header. Is set only if equals to true, otherwise the header is not passed. Defaults to false.
  • methods - an array of methods to be passed in Access-Control-Allow-Methods header. The default is ["GET","HEAD","PUT","PATCH","POST","DELETE"].
  • allowedHeaders - an array of allowed headers to configure the Access-Control-Allow-Headers CORS header. If not specified, the headers specified in the request's Access-Control-Request-Headers header are passed.
  • maxAge - an integer to set the Access-Control-Allow-Max-Age header. If not set, the header is omitted.
  • exposedHeaders - an array of exposed headers to configure the Access-Control-Expose-Headers header. If not set, the header is omitted.
  • preflightContinue - a boolean that defines whether to pass the CORS preflight response to the next handler. Defaults to false.

Please see CORS documentation for details.


First create an instance of CORS:

import KituraCORS

let options = Options(allowedOrigin: .origin("www.abc.com"), methods: ["GET","PUT"], allowedHeaders: ["Content-Type"], maxAge: 5)
let cors = CORS(options: options)

Kitura-CORS is RouterMiddleware. To connect it to the desired path use one of the Router methods:

router.all("/cors", middleware: cors)


This library is licensed under Apache 2.0. Full license text is available in LICENSE.