2.0.0 • Published 7 years ago

@altrdpdgm/cors v2.0.0

Weekly downloads
-
License
ISC
Repository
-
Last release
7 years ago

@altrdpdgm/cors

Tiny Express middleware for facilitating CORS requests.

API Reference

MethodDescription
setOriginListtakes an Array of origins to allow CORS requests from.
getOriginListreturns the current list of allowed origins.
handleCORSExpress middleware function. Handles pre-flight requests; sets user-defined or default response headers.

Implementation Reference

FunctionDescription
validateOriginDetermines whether the origin making the request is allowed by checking for the origin in the internal __originList via Array.prototype.includes.
isPreFlightDetermines whether a request is a pre-flight request; checks for OPTIONS method, Access-Control-Request-Method header and the origin of the request.

Default Configuration

If no user-defined response headers are found in the headers property of the options object (detailed below) when the @altrdpdgm/cors module is instantiated, the following response headers will be set automatically:

{
"Access-Control-Allow-Origin": validateOrigin(req.headers["origin"]),
"Access-Control-Allow-Headers": "Content-Type, Authorization",
"Access-Control-Allow-Methods": "DELETE"
}

The response header object takes any options that can be set on the response using the Express res.set method

Installation

$npm install @altrdpdgm/cors

Example Instantiation

const express = require("express");
const app = express();
const CORSModule = require("@altrdpdgm/altrd-cors")({options}) //<= set custom response headers in a configuration object on a `headers` property.
CORSModule.setOriginList(["http://localhost:3000", "http://10.0.18.108", "http://0.0.0.0"]);

//Configure the Express application to use the CORSModule on all incoming requests.
app.use(CORSModule.handleCORS)