FilesExpand file tree

 master

/

micro-cors.js

Copy path

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

52 lines (45 loc) · 1.3 KB

 master

/

micro-cors.js

Top

File metadata and controls

• Code
• Blame

52 lines (45 loc) · 1.3 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

// MIT License

// https://github.com/possibilities/micro-cors

// source: https://github.com/possibilities/micro-cors/pull/42

const DEFAULT_ALLOW_METHODS = [

'POST',

'GET',

'PUT',

'PATCH',

'DELETE',

'OPTIONS'

]

const DEFAULT_ALLOW_HEADERS = [

'X-Requested-With',

'Access-Control-Allow-Origin',

'X-HTTP-Method-Override',

'Content-Type',

'Authorization',

'Accept'

]

const DEFAULT_MAX_AGE_SECONDS = 60 * 60 * 24 // 24 hours

const cors = (options = {}) => handler => (req, res, ...restArgs) => {

const {

origin = '*',

maxAge = DEFAULT_MAX_AGE_SECONDS,

allowMethods = DEFAULT_ALLOW_METHODS,

allowHeaders = DEFAULT_ALLOW_HEADERS,

allowCredentials = true,

exposeHeaders = []

} = options

res.setHeader('Access-Control-Allow-Origin', origin)

if (allowCredentials) {

res.setHeader('Access-Control-Allow-Credentials', 'true')

}

if (exposeHeaders.length) {

res.setHeader('Access-Control-Expose-Headers', exposeHeaders.join(','))

}

const preFlight = req.method === 'OPTIONS'

if (preFlight) {

res.setHeader('Access-Control-Allow-Methods', allowMethods.join(','))

res.setHeader('Access-Control-Allow-Headers', allowHeaders.join(','))

res.setHeader('Access-Control-Max-Age', String(maxAge))

}

return handler(req, res, ...restArgs)

}

module.exports = cors