Clojure ring-cors/wrap-cors setup

3
votes

I'm using ring-cors and trying to pass a cors-policy for the (wrap-cors) function. This is what my code looks like:

(def cors-policy
  {:access-control-allow-origin [#"http://localhost:8080"]
   :access-control-allow-methods [:get :put :post]})

(def dev-handler (-> #'japi/routes
                     wrap-reload
                     wrap-params
                     (wrap-cors cors-policy) ;; <- Here
                     wrap-json-response
                     (wrap-defaults api-defaults)
                     push-state/handle))

This results in an error:

No value supplied for key: {:access-control-allow-origin #{"http://localhost:8080"}, :access-control-allow-methods #{:get :post :put}}

Looking at the source code for (wrap-cors) it looks like the error is coming from trying to apply (hash-map) to my cors-policy map. It seems like I cannot pass a map definition but instead I have to pass the keys/values explicitly when calling (wrap-cors). Any ideas to work around this?

I've tried (apply hash-map cors-policy) in the repl and that works fine, however when passing a dummy handler such as (wrap-cors identity cors-policy) this again results in the same error.

Edit: cfrick's answer is correct, note however that I had to remove shadow-cljs' (push-state/handle) handler at the end of my dev-handler definition for my setup to work.

1
clojurecorsclojurescript

1 Answers

5
votes

The wrapper uses a "pattern" that is sometimes seen and focuses on "human consumption" of the function. It takes the "rest" of the arguments and turns the pairs of it into a map. This is already "meh" for humans and is utterly bad for machines (e.g. to pass as arguments).

You have to do the call it like this:

(wrap-cors $handler :a 1 :b 2)

So the easiest way from here would be:

(def cors-policy
  [:a 1
   :b 2])

(apply wrap-cors $handler cors-policy)

Or if you want to stick with the map (IMHO a good approach), you have to flatten the map beforehand. e.g.

(apply wrap-cors $handler (into [] cat cors-policy))

But with the use of the threading macro -> this becomes harder to do now (-> is just a macro and the resulting code would be (apply $handler wrap-cors ...) which is unintended.

So at this point I'd add my own defn that just takes the handler again. E.g. something like

(defn cors-wrapper
  [handler config-map]
  (apply wrap-cors handler (into [] cat config-map)))