-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathindex.js
78 lines (66 loc) · 2.21 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
var methods = require("http-methods")
/*
type Handler := (req, res) => void | {
GET?: (req, res) => void,
POST?: (req, res) => void,
DELETE?: (req, res) => void,
PUT?: (req, res) => void,
OPTIONS?: (req, res) => void
}
Corsify := (opts: Options, handler: Handler) => Handler &
(opts: Options) => (handler: Handler) => Handler &
(handler: Handler) => Handler
*/
module.exports = Corsify
function Corsify(opts, handler) {
if (typeof opts === "function") {
handler = opts
opts = {}
}
if (!handler && opts && !isOptions(opts)) {
handler = opts
opts = {}
}
if (!handler) {
return Corsify.bind(null, opts)
}
if (typeof handler !== "function") {
handler = methods(handler)
}
return routeHandler
function routeHandler(req, res) {
addCrossDomainHeaders(req, res, opts)
if (opts.endOptions !== false && req.method === "OPTIONS") {
res.end()
} else {
handler.apply(this, arguments)
}
}
}
function isOptions(opts) {
return "endOptions" in opts ||
"getOrigin" in opts ||
"Access-Control-Allow-Origin" in opts ||
"Access-Control-Allow-Methods" in opts ||
"Access-Control-Allow-Credentials" in opts ||
"Access-Control-Max-Age" in opts ||
"Access-Control-Allow-Headers" in opts
}
function addCrossDomainHeaders(req, res, opts) {
var origin = "getOrigin" in opts ?
opts.getOrigin(req, res) :
opts["Access-Control-Allow-Origin"] || req.headers.origin
if (origin) {
res.setHeader("Access-Control-Allow-Origin", origin)
res.setHeader("Access-Control-Allow-Methods",
opts["Access-Control-Allow-Methods"] ||
"POST, GET, PUT, DELETE, OPTIONS, XMODIFY")
res.setHeader("Access-Control-Allow-Credentials",
opts["Access-Control-Allow-Credentials"] || "true")
res.setHeader("Access-Control-Max-Age",
opts["Access-Control-Max-Age"] || "86400")
res.setHeader("Access-Control-Allow-Headers",
opts["Access-Control-Allow-Headers"] ||
"X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept")
}
}