Proposed enhancements

[the42]

CORSHandler
CacheHandler

and

GZipHandler come to mind. For the later there is an example here:
https://github.com/the42/schoolcalc/blob/master/webzapfen/webzapfen.go#L611

However, ideally, Handlers would be stackable.

[kisielk]

Agree that all of them would be useful. I have a CORSHandler implemented in another (internal) project right now but I'm not sure I like the API yet. Currently looks like this:

type CORSHandler struct {
    // Handler is called to handle all requests.
    Handler http.Handler

    // AllowOrigin is an optional function that returns true if the origin is one for which CORS requests are allowed.
    // If AllowOrigin is nil, all origins are allowed.
    AllowOrigin func(origin string) bool

    // AllowMethod is an optional function that returns true if the method is one for which CORS requests are allowed.
    // If AllowMethod is false, all methods are allowed.
    AllowMethod func(method string) bool

    // AllowedHeaders is an optional function will be used to check the Access-Control-Request-Headers
    // header from any preflight requests. It returns true if the headers are allowed.
    // If AllowHeaders is nil, no headers are allowed.
    AllowHeaders func(headers []string) bool

    // ExposeHeaders is an optional list of headers that is
    ExposeHeaders []string

    // If SupportCredentials is true, the Access-Control-Allow-Credentials header is set to the string 'true'.
    SupportsCredentials bool

    // If MaxAge is not 0 the Access-Control-Max-Age header is set to this value.
    MaxAge int64
}
    CORSHandler adds the headers required for Cross-Origin Resource Sharing.
    If the requests do not meet the criteria at http://www.w3.org/TR/cors,
    no additioanl headers are set on the response but the wrapped Handler is
    still called.


func (h CORSHandler) ServeHTTP(w http.ResponseWriter, req *http.Request)

[kisielk]

I also recently implemented gzip/flate, which doesn't have nearly as much tuning as the CORS handler. Would like some feedback on the CORS stuff though.

[philips]

@kisielk The CORS stuff looks pretty good to me.

[kisielk]

@philips Cool :) Do you have any plans to use it? I could add it in some time on the weekend.

[philips]

@kisielk I just had to re-invent it, poorly, for etcd etcd-io/etcd#320

[kisielk]

@philips Have a look at cors.go in https://gist.github.com/kisielk/0de4fc0375f56acf5f73

[philips]

@kisielk It makes sense to me based on implementing cors for etcd.

[philips]

@kisielk Would you mind if I cleaned up your gist and submitted a PR to gorilla/handlers?

[kisielk]

Not at all

[awsmsrc]

would a basic auth handler be a good addition.

It would need to take a validate function that accepts a username, password and returns an error

I have one

[elithrar]

@awsmsrc Might be worth opening a separate issue for that. If it's an existing repo that you'd like to merge in, provide the link. If it's fresh work, it helps to talk it over before committing too much time.

[kisielk]

Going to close this for now. Separate issues can be filed for individual enhancements.

[stokito]

@awsmsrc Here I created a topic #231
Please join the discussion or share your version