chi is deliberately small — the core router is under 1,000 lines of code with zero external dependencies. Functionality beyond routing is provided by a growing collection of first-party packages under the go-chi GitHub organization, each designed as a standardDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/go-chi/chi/llms.txt
Use this file to discover all available pages before exploring further.
net/http middleware so it works with chi and any other compatible router.
Official packages
cors
Cross-origin resource sharing (CORS) middleware. Handles preflight requests
and injects the appropriate
Access-Control-* response headers.docgen
Introspects a
chi.Router at runtime and generates routing documentation
in JSON or Markdown — no annotations required.jwtauth
JWT authentication middleware. Verifies tokens on incoming requests and
places the parsed claims on the request context.
hostrouter
Domain and host-based request routing. Mount separate chi routers for
different hostnames or subdomains on a single listener.
httplog
Small but powerful structured HTTP request logging built on
slog /
zerolog. Captures status codes, latency, and request metadata.httprate
HTTP request rate limiter. Supports per-IP, per-user, and global limits
with configurable window sizes and custom key functions.
httptracer
HTTP request performance tracing library. Hooks into handler execution to
record timing and trace data for observability pipelines.
httpvcr
Record and replay HTTP interactions with external services. Write
deterministic tests for code that calls third-party APIs.
stampede
HTTP request coalescer. Collapses concurrent identical requests into a
single upstream call and fans the response out to all waiting clients.
Using cors middleware
Thecors package is one of the most commonly used chi ecosystem packages. Install it and attach it to your router’s middleware stack:
package main
import (
"net/http"
"github.com/go-chi/chi/v5"
"github.com/go-chi/chi/v5/middleware"
"github.com/go-chi/cors"
)
func main() {
r := chi.NewRouter()
r.Use(middleware.RequestID)
r.Use(middleware.Logger)
r.Use(middleware.Recoverer)
// CORS middleware — must be registered before your route handlers.
r.Use(cors.Handler(cors.Options{
// AllowedOrigins accepts a list of allowed origins.
// Use "*" to allow all origins in development only.
AllowedOrigins: []string{"https://example.com", "https://app.example.com"},
// AllowedMethods lists the HTTP methods your API supports.
AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
// AllowedHeaders lists the headers a client can include in a request.
AllowedHeaders: []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
// ExposedHeaders lists response headers the browser is allowed to access.
ExposedHeaders: []string{"Link"},
// AllowCredentials permits cookies/auth headers to be sent cross-origin.
AllowCredentials: true,
// MaxAge caches the preflight response for the given number of seconds.
MaxAge: 300,
}))
r.Get("/", func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("hello"))
})
http.ListenAndServe(":3333", r)
}
curl -i -X OPTIONS http://localhost:3333/ \
-H "Origin: https://example.com" \
-H "Access-Control-Request-Method: POST"
Generating route documentation with docgen
docgen traverses a fully configured chi.Router and prints every registered route:
docgen_example.go
Beyond REST
chi is a general-purpose HTTP router — not a REST-only framework. Many teams use it as the foundation layer for other communication protocols.- webrpc
- gRPC (grpc-gateway)
- GraphQL
- NATS
webrpc is a web-focused RPC framework with code generation for clients and servers. It generates a standard
http.Handler that you can mount directly onto a chi router:webrpc_mount.go
Community middleware
Beyond the officialgo-chi organization, the broader net/http ecosystem is fully compatible with chi. Any middleware that accepts and returns an http.Handler works without any adapter or shim. Popular community options include:
| Package | Purpose |
|---|---|
gorilla/sessions | Cookie and filesystem session store |
unrolled/secure | HTTP security headers (CSP, HSTS, etc.) |
felixge/httpsnoop | Capture http.ResponseWriter metrics without wrapping |
rs/zerolog | Zero-allocation structured JSON logging |
If a middleware claims to work with
net/http, it works with chi. There are
no adapters, no special interfaces, and no registration steps beyond
r.Use(myMiddleware).