Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/eggjs/egg-cors
CORS plugin for egg
https://github.com/eggjs/egg-cors
cors egg-plugin
Last synced: 9 days ago
JSON representation
CORS plugin for egg
- Host: GitHub
- URL: https://github.com/eggjs/egg-cors
- Owner: eggjs
- License: mit
- Created: 2016-07-15T08:07:40.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2024-04-25T15:36:05.000Z (7 months ago)
- Last Synced: 2024-10-29T21:05:52.053Z (10 days ago)
- Topics: cors, egg-plugin
- Language: JavaScript
- Homepage:
- Size: 57.6 KB
- Stars: 152
- Watchers: 10
- Forks: 12
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
- awesome-egg - egg-cors - CORS plugin for egg.   (仓库 / 插件)
README
# egg-cors
[![NPM version][npm-image]][npm-url]
[](https://github.com/eggjs/egg-cors/actions/workflows/nodejs.yml)
[![Test coverage][codecov-image]][codecov-url]
[![npm download][download-image]][download-url]
[npm-image]: https://img.shields.io/npm/v/egg-cors.svg?style=flat-square
[npm-url]: https://npmjs.org/package/egg-cors
[codecov-image]: https://codecov.io/github/eggjs/egg-cors/coverage.svg?branch=master
[codecov-url]: https://codecov.io/github/eggjs/egg-cors?branch=master
[download-image]: https://img.shields.io/npm/dm/egg-cors.svg?style=flat-square
[download-url]: https://npmjs.org/package/egg-cors
[CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS) plugin for egg, based on [@koa/cors](https://github.com/koajs/cors).
## Install
```bash
$ npm i egg-cors --save
```
## Usage
```js
// {app_root}/config/plugin.js
exports.cors = {
enable: true,
package: 'egg-cors',
};
```
`egg-cors` works internally with [egg-security](https://github.com/eggjs/egg-security). By defining the property of `domainWhiteList` on object `security`, you have successfully informed the framework to whitelist the passed domains.
When you make a request from client side, **egg** should return an `Access-Control-Allow-Origin` response header with the domain that you passed in along with the payload and status code *200*.
```js
exports.security = {
domainWhiteList: [ 'http://localhost:4200' ],
};
```
## Configuration
Support all configurations in [@koa/cors](https://github.com/koajs/cors).
```js
// {app_root}/config/config.default.js
exports.cors = {
// {string|Function} origin: '*',
// {string|Array} allowMethods: 'GET,HEAD,PUT,POST,DELETE,PATCH'
};
```
If the `origin` is set, the plugin will follow it to set the `Access-Control-Allow-Origin` and ignore the `security.domainWhiteList`. Otherwise, the `security.domainWhiteList` which is default will take effect as described above.
## Security
Only in safe domain list support CORS when security plugin enabled.
## Questions & Suggestions
Please open an issue [here](https://github.com/eggjs/egg/issues).
## License
[MIT](LICENSE)
## Contributors
|[
atian25](https://github.com/atian25)
|[
dead-horse](https://github.com/dead-horse)
|[
fengmk2](https://github.com/fengmk2)
|[
brickyang](https://github.com/brickyang)
|[
sinchang](https://github.com/sinchang)
|[
XadillaX](https://github.com/XadillaX)
|
| :---: | :---: | :---: | :---: | :---: | :---: |
[
mattma](https://github.com/mattma)
|[
SoraYama](https://github.com/SoraYama)
|[
Yelmor](https://github.com/Yelmor)
|[
angela-1](https://github.com/angela-1)
|[
waitingsong](https://github.com/waitingsong)
This project follows the git-contributor [spec](https://github.com/xudafeng/git-contributor), auto updated at `Mon Dec 11 2023 13:25:00 GMT+0800`.