Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/koajs/cors
Cross-Origin Resource Sharing(CORS) for koa
https://github.com/koajs/cors
Last synced: about 4 hours ago
JSON representation
Cross-Origin Resource Sharing(CORS) for koa
- Host: GitHub
- URL: https://github.com/koajs/cors
- Owner: koajs
- License: other
- Created: 2015-02-09T05:34:31.000Z (almost 10 years ago)
- Default Branch: master
- Last Pushed: 2024-03-02T23:01:34.000Z (9 months ago)
- Last Synced: 2024-10-29T15:22:58.564Z (about 1 month ago)
- Language: JavaScript
- Homepage:
- Size: 115 KB
- Stars: 731
- Watchers: 16
- Forks: 80
- Open Issues: 22
-
Metadata Files:
- Readme: README.md
- Changelog: History.md
- License: LICENSE
Awesome Lists containing this project
- awesome-koa - cors - Cross-Origin Resource Sharing(CORS) for koa (Middleware)
- think-awesome - kcors - ci.org/koajs/cors.svg) |  | CORS middleware | (Koa Middlewares)
- awesome-koa - @koa/cors - 跨域资源共享(CORS)for koa.   (仓库 / 中间件)
- stars - cors - Origin Resource Sharing(CORS) for koa | koajs | 734 | (JavaScript)
- stars - cors - Origin Resource Sharing(CORS) for koa | koajs | 734 | (JavaScript)
README
# @koa/cors
[![NPM version][npm-image]][npm-url]
[](https://github.com/koajs/cors/actions/workflows/nodejs.yml)
[![Test coverage][codecov-image]][codecov-url]
[![npm download][download-image]][download-url]
[npm-image]: https://img.shields.io/npm/v/@koa/cors.svg?style=flat-square
[npm-url]: https://npmjs.org/package/@koa/cors
[codecov-image]: https://codecov.io/github/koajs/cors/coverage.svg?branch=v2.x
[codecov-url]: https://codecov.io/github/koajs/cors?branch=v2.x
[download-image]: https://img.shields.io/npm/dm/@koa/cors.svg?style=flat-square
[download-url]: https://npmjs.org/package/@koa/cors
[Cross-Origin Resource Sharing(CORS)](https://developer.mozilla.org/en/docs/Web/HTTP/Access_control_CORS) for koa
## Installation
```bash
$ npm install @koa/cors --save
```
## Quick start
Enable cors with default options:
- origin: `*` (v4 and before: the request's Origin header). This means that **by default the requests from all origin webpages will be allowed**.
If you're running a generic API server, this is what you want, but otherwise you should look into changing the default to something more
suitable to your application.
- allowMethods: GET,HEAD,PUT,POST,DELETE,PATCH
```js
const Koa = require('koa');
const cors = require('@koa/cors');
const app = new Koa();
app.use(cors());
```
## cors(options)
```js
/**
* CORS middleware
*
* @param {Object} [options]
* - {String|Function(ctx)} origin `Access-Control-Allow-Origin`, default is '*'
* If `credentials` set and return `true, the `origin` default value will set to the request `Origin` header
* - {String|Array} allowMethods `Access-Control-Allow-Methods`, default is 'GET,HEAD,PUT,POST,DELETE,PATCH'
* - {String|Array} exposeHeaders `Access-Control-Expose-Headers`
* - {String|Array} allowHeaders `Access-Control-Allow-Headers`
* - {String|Number} maxAge `Access-Control-Max-Age` in seconds
* - {Boolean|Function(ctx)} credentials `Access-Control-Allow-Credentials`, default is false.
* - {Boolean} keepHeadersOnError Add set headers to `err.header` if an error is thrown
* - {Boolean} secureContext `Cross-Origin-Opener-Policy` & `Cross-Origin-Embedder-Policy` headers.', default is false
* - {Boolean} privateNetworkAccess handle `Access-Control-Request-Private-Network` request by return `Access-Control-Allow-Private-Network`, default to false
* @return {Function} cors middleware
* @api public
*/
```
## Breaking change between 4.0 and 5.0
The default `origin` is set to `*`, if you want to keep the 4.0 behavior, you can set the `origin` handler like this:
```js
app.use(cors({
origin(ctx) {
return ctx.get('Origin') || '*';
},
}));
```
## License
[MIT](./LICENSE)
## Contributors
|[
fengmk2](https://github.com/fengmk2)
|[
dead-horse](https://github.com/dead-horse)
|[
omsmith](https://github.com/omsmith)
|[
jonathanong](https://github.com/jonathanong)
|[
AlphaWong](https://github.com/AlphaWong)
|[
cma-skedulo](https://github.com/cma-skedulo)
|
| :---: | :---: | :---: | :---: | :---: | :---: |
|[
CleberRossi](https://github.com/CleberRossi)
|[
erikfried](https://github.com/erikfried)
|[
j-waaang](https://github.com/j-waaang)
|[
ltomes](https://github.com/ltomes)
|[
lfreneda](https://github.com/lfreneda)
|[
matthewmueller](https://github.com/matthewmueller)
|
[
PlasmaPower](https://github.com/PlasmaPower)
|[
swain](https://github.com/swain)
|[
TyrealHu](https://github.com/TyrealHu)
|[
xg-wang](https://github.com/xg-wang)
|[
lishengzxc](https://github.com/lishengzxc)
|[
mcohen75](https://github.com/mcohen75)
This project follows the git-contributor [spec](https://github.com/xudafeng/git-contributor), auto updated at `Sat Oct 08 2022 21:35:10 GMT+0800`.