Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/noderaider/universal-cors
CORS middleware implementation with emphasis on configurability of dynamic origins.
https://github.com/noderaider/universal-cors
cors cors-middleware dynamic-origins express universal-cors
Last synced: 3 days ago
JSON representation
CORS middleware implementation with emphasis on configurability of dynamic origins.
- Host: GitHub
- URL: https://github.com/noderaider/universal-cors
- Owner: noderaider
- License: mit
- Created: 2016-06-08T19:58:54.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2016-11-04T06:47:58.000Z (about 8 years ago)
- Last Synced: 2024-12-01T06:37:52.090Z (22 days ago)
- Topics: cors, cors-middleware, dynamic-origins, express, universal-cors
- Language: JavaScript
- Size: 146 KB
- Stars: 0
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
## universal-cors
**CORS middleware implementation with emphasis on configurability of dynamic origins.**
[](https://travis-ci.org/noderaider/universal-cors)
[](https://codecov.io/gh/noderaider/universal-cors)
[](https://nodei.co/npm/universal-cors/)
## Install
`npm i -S universal-cors`
## How to use
```js
import express from 'express'
import cors, { origins } from 'universal-cors'
const app = express()
/** cors middleware to accept any pattern matching example.com subdomains */
app.use(cors({ patterns: [ /^https:\/\/.*\.example\.com/ ]}))
/** ROUTERS GO HERE */
```
## Documentation
**cors default export - middleware for auto handling preflight responses, testing dynamic origins, and attaching cors response headers when valid request occurs**
```js
cors([opts: Object]): function(req, res, next)
```
*opts*
**name** | **type** | **default** | **description**
-------- | -------- | ----------- | ---------------
`patterns` | `string|RegExp|Array` | **required** | the pattern(s) to test for cors origins, if pattern matches, the response will get valid cors response headers.
`preflight` | `function(req): responseHeaders` | `(req) => {}` | issues preflight responses for OPTIONS method requests and returns specified headers
`tracing` | `boolean` | `false` | toggles tracing for debugging purposes
`logger` | `Object` | `console` | the logger object to trace to
`loglevel` | `string` | `'info'` | the log level to use when tracing (`error`, `warn`, `info`, `trace`)
An example of what you might set for preflight:
```js
const preflight = req => {
return { 'Access-Control-Allow-Origin': req.headers.origin
, 'Access-Control-Max-Age': 604800 // Specifies how long the preflight response can be cached in seconds
, 'Access-Control-Allow-Methods': 'GET, PUT, POST, DELETE'
, 'Access-Control-Allow-Headers': 'Content-Type, Authorization'
, 'Access-Control-Allow-Credentials': true
}
}
```
**origins export - granular origin testing functionality**
```js
origins([opts: Object]): { isOk: function(domain: string): boolean }
```
*opts*
**name** | **type** | **default** | **description**
-------- | -------- | ----------- | ---------------
`patterns` | `string|RegExp|Array` | **required** | the pattern(s) to test for cors origins, if pattern matches, the response will get valid cors response headers.
`tracing` | `boolean` | `false` | toggles tracing for debugging purposes
`logger` | `Object` | `console` | the logger object to trace to
`loglevel` | `string` | `'info'` | the log level to use when tracing (`error`, `warn`, `info`, `trace`)