Request Pipeline

Middleware for CORS, static files, sessions, auth, CSRF, security headers, and custom request pipelines

Page actions AI-ready formats and sharing
Open LLM text
Share with AI
Ask Claude Ask ChatGPT Ask Gemini Ask Copilot

Middleware is code that runs around every route handler — for cross-cutting behavior like sessions, CSRF, security headers, static files, CORS, and auth. Use this section when something belongs around a handler rather than inside it. Chirp middleware is just a function that matches a Protocol: no base class, no inheritance.

New here? Start with Built-in Middleware to wire the secure-by-default stack (sessions, CSRF, and security headers). Reach for Custom Middleware when you need your own.