@isomorphic-git/cors-proxy - npm Package Compare versions

Comparing version 2.2.2 to 2.2.3

index.js

@@ -51,2 +51,3 @@ 'use strict'
   allowMethods,
+  allowCredentials: false,
   origin
@@ -91,2 +92,7 @@ })
 
+  // Handle CORS preflight request
+  if (req.method === 'OPTIONS') {
+    return send(res, 200, '')
+  }
+
   let headers = {}
@@ -122,2 +128,2 @@ for (let h of allowHeaders) {
 
-module.exports = cors(service)
+module.exports = cors(service)

micro-cors.js

 // MIT License
 // https://github.com/possibilities/micro-cors
+// source: https://github.com/possibilities/micro-cors/pull/42
 const DEFAULT_ALLOW_METHODS = [
@@ -23,40 +24,27 @@ 'POST',
 
-const cors = options => handler => (req, res, ...restArgs) => {
+const cors = (options = {}) => handler => (req, res, ...restArgs) => {
   const {
-    maxAge,
-    origin,
-    allowHeaders,
-    exposeHeaders,
-    allowMethods
-  } = (options || {})
+    origin = '*',
+    maxAge = DEFAULT_MAX_AGE_SECONDS,
+    allowMethods = DEFAULT_ALLOW_METHODS,
+    allowHeaders = DEFAULT_ALLOW_HEADERS,
+    allowCredentials = true,
+    exposeHeaders = []
+  } = options
 
-  res.setHeader(
-    'Access-Control-Max-Age',
-    '' + (maxAge || DEFAULT_MAX_AGE_SECONDS)
-  )
+  res.setHeader('Access-Control-Allow-Origin', origin)
+  if (allowCredentials) {
+    res.setHeader('Access-Control-Allow-Credentials', 'true')
+  }
+  if (exposeHeaders.length) {
+    res.setHeader('Access-Control-Expose-Headers', exposeHeaders.join(','))
+  }
 
-  res.setHeader(
-    'Access-Control-Allow-Origin',
-    (origin || '*')
-  )
-
-  res.setHeader(
-    'Access-Control-Allow-Methods',
-    (allowMethods || DEFAULT_ALLOW_METHODS).join(',')
-  )
-
-  res.setHeader(
-    'Access-Control-Allow-Headers',
-    (allowHeaders || DEFAULT_ALLOW_HEADERS).join(',')
-  )
-
-  if (exposeHeaders && exposeHeaders.length) {
-    res.setHeader(
-      'Access-Control-Expose-Headers',
-      exposeHeaders.join(',')
-    )
+  const preFlight = req.method === 'OPTIONS'
+  if (preFlight) {
+    res.setHeader('Access-Control-Allow-Methods', allowMethods.join(','))
+    res.setHeader('Access-Control-Allow-Headers', allowHeaders.join(','))
+    res.setHeader('Access-Control-Max-Age', String(maxAge))
   }
 
-  res.setHeader('Access-Control-Allow-Credentials', 'true')
-
   return handler(req, res, ...restArgs)
@@ -63,0 +51,0 @@ }

package.json

 {
   "name": "@isomorphic-git/cors-proxy",
-  "version": "2.2.2",
+  "version": "2.2.3",
   "description": "Proxy clone and push requests for the browser",
@@ -5,0 +5,0 @@ "main": "index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

11223

increased by2.17%

Worsened metrics

Lines of code

248

decreased by-0.8%

No dependency changes