@aomex/cors
Advanced tools
Comparing version 0.0.22 to 0.0.23
# @aomex/cors | ||
## 0.0.23 | ||
### Patch Changes | ||
- Updated dependencies [[`2ac62fd`](https://github.com/aomex/aomex/commit/2ac62fd28166a1d9dd60b3c6d5a6508a6f9ee82b), [`4258410`](https://github.com/aomex/aomex/commit/42584107ad9f7e34492ae1053fef83aa2d9d747a), [`4177cba`](https://github.com/aomex/aomex/commit/4177cba7877e38120842bd8d287eaed54e4926ca)]: | ||
- @aomex/core@0.0.24 | ||
- @aomex/web@0.0.25 | ||
## 0.0.22 | ||
@@ -4,0 +12,0 @@ |
@@ -5,11 +5,30 @@ import { WebContext, WebMiddleware } from '@aomex/web'; | ||
/** | ||
* `Access-Control-Allow-Origin` | ||
* 设置报头Access-Control-Allow-Origin,表示该响应的资源是否被允许与给定的来源(origin)共享。对于不包含凭据的请求,也可以设为星号(\*),表示同意任意跨源请求 | ||
*/ | ||
origin?: ((ctx: WebContext) => string) | ((ctx: WebContext) => PromiseLike<string>) | string; | ||
/** | ||
* `Access-Control-Allow-Methods`, 默认值:`GET,HEAD,PUT,POST,DELETE,PATCH` | ||
* 设置报头Access-Control-Allow-Methods,表示客户端所要访问的资源允许使用的方法或方法列表。 | ||
* 默认值:`GET,HEAD,PUT,POST,DELETE,PATCH` | ||
*/ | ||
allowMethods?: string[] | string; | ||
/** | ||
* `Access-Control-Expose-Headers` | ||
* 响应报头 Access-Control-Expose-Headers 允许服务器指示那些响应报头可以暴露给浏览器中运行的脚本。 | ||
* 默认情况下,只暴露安全列表的响应报头: | ||
* - Cache-Control | ||
* - Content-Language | ||
* - Content-Length | ||
* - Content-Type | ||
* - Expires | ||
* - Last-Modified | ||
* - Pragma | ||
* | ||
* 我们可以传入更多额外的报头作为补充: | ||
* | ||
* ```typescript | ||
* cors({ | ||
* exposeHeaders: ['Content-Encoding', 'Kuma-Revision'], | ||
* }); | ||
* ``` | ||
* | ||
* 更多详细信息请参考[MDN](https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) | ||
*/ | ||
@@ -22,15 +41,17 @@ exposeHeaders?: string[] | string; | ||
/** | ||
* `Access-Control-Max-Age`。时间单位:`秒` | ||
* 设置报头Access-Control-Max-Age,表示 Access-Control-Allow-Methods 和 Access-Control-Allow-Headers 提供的信息可以被缓存的最长时间(秒) | ||
* | ||
* 如果值为`-1`,表示禁用缓存,则每次请求前都需要使用 OPTIONS 预检请求 | ||
*/ | ||
maxAge?: number | string; | ||
/** | ||
* `Access-Control-Allow-Credentials` | ||
* 设置报头Access-Control-Allow-Credentials,Credentials可以代表 cookies、authorization headers 或 TLS client certificates,需要与客户端 XMLHttpRequest.withCredentials 或 Fetch API 的 credentials 选项结合使用 | ||
*/ | ||
credentials?: ((ctx: WebContext) => boolean) | ((ctx: WebContext) => PromiseLike<boolean>) | boolean; | ||
/** | ||
* 抛出异常时把headers信息附加在`err.header`上 | ||
* 抛出异常时把headers信息附加在`err.header`上。默认值:`true` | ||
*/ | ||
keepHeadersOnError?: boolean; | ||
/** | ||
* 响应头部增加 `Cross-Origin-Opener-Policy` 和 `Cross-Origin-Embedder-Policy` 这两个条信息。默认值:`false` | ||
* 响应头部增加 `Cross-Origin-Opener-Policy` 和 `Cross-Origin-Embedder-Policy` 这两个个报头。默认值:`false` | ||
* | ||
@@ -41,10 +62,13 @@ * @see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/SharedArrayBuffer/Planned_changes | ||
/** | ||
* 处理请求头部 `Access-Control-Request-Private-Network` 并返回 `Access-Control-Allow-Private-Network` | ||
* 处理请求报头 `Access-Control-Request-Private-Network` 并返回报头`Access-Control-Allow-Private-Network`。默认值:`false` | ||
* | ||
* @see https://wicg.github.io/private-network-access/ | ||
* @link https://github.com/WICG/private-network-access | ||
*/ | ||
privateNetworkAccess?: boolean; | ||
} | ||
/** | ||
* `CORS`,全称Cross-Origin Resource Sharing,是一种允许当前域(domain)的资源(比如html/js/web service)被其他域(domain)的脚本请求访问的机制,通常由于同域安全策略(the same-origin security policy)浏览器会禁止这种跨域请求。 | ||
*/ | ||
declare const cors: (options?: CorsOptions) => WebMiddleware; | ||
export { CorsOptions, cors }; |
{ | ||
"name": "@aomex/cors", | ||
"version": "0.0.22", | ||
"version": "0.0.23", | ||
"description": "跨站资源共享", | ||
@@ -32,8 +32,8 @@ "keywords": [ | ||
"peerDependencies": { | ||
"@aomex/core": "^0.0.23", | ||
"@aomex/web": "^0.0.24" | ||
"@aomex/core": "^0.0.24", | ||
"@aomex/web": "^0.0.25" | ||
}, | ||
"devDependencies": { | ||
"@aomex/core": "^0.0.23", | ||
"@aomex/web": "^0.0.24" | ||
"@aomex/core": "^0.0.24", | ||
"@aomex/web": "^0.0.25" | ||
}, | ||
@@ -40,0 +40,0 @@ "scripts": { |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
19858
179