@koa/cors
Advanced tools
Readme
Cross-Origin Resource Sharing(CORS) for koa
$ npm install @koa/cors --save
Enable cors with default options:
const Koa = require('koa');
const cors = require('@koa/cors');
const app = new Koa();
app.use(cors());
/**
* CORS middleware
*
* @param {Object} [options]
* - {String|Function(ctx)} origin `Access-Control-Allow-Origin`, default is '*'
* If `credentials` set and return `true, the `origin` default value will set to the request `Origin` header
* - {String|Array} allowMethods `Access-Control-Allow-Methods`, default is 'GET,HEAD,PUT,POST,DELETE,PATCH'
* - {String|Array} exposeHeaders `Access-Control-Expose-Headers`
* - {String|Array} allowHeaders `Access-Control-Allow-Headers`
* - {String|Number} maxAge `Access-Control-Max-Age` in seconds
* - {Boolean|Function(ctx)} credentials `Access-Control-Allow-Credentials`, default is false.
* - {Boolean} keepHeadersOnError Add set headers to `err.header` if an error is thrown
* - {Boolean} secureContext `Cross-Origin-Opener-Policy` & `Cross-Origin-Embedder-Policy` headers.', default is false
* - {Boolean} privateNetworkAccess handle `Access-Control-Request-Private-Network` request by return `Access-Control-Allow-Private-Network`, default to false
* @return {Function} cors middleware
* @api public
*/
The default origin is set to *, if you want to keep the 4.0 behavior, you can set the origin handler like this:
app.use(cors({
origin(ctx) {
return ctx.get('Origin') || '*';
},
}));
 fengmk2 |  dead-horse |  omsmith |  jonathanong |  AlphaWong |  cma-skedulo |
|---|---|---|---|---|---|
 CleberRossi |  erikfried |  j-waaang |  ltomes |  lfreneda |  matthewmueller |
 PlasmaPower |  swain |  TyrealHu |  xg-wang |  lishengzxc |  mcohen75 |
This project follows the git-contributor spec, auto updated at Sat Oct 08 2022 21:35:10 GMT+0800.
FAQs
Cross-Origin Resource Sharing(CORS) for koa
The npm package @koa/cors receives a total of 461,947 weekly downloads. As such, @koa/cors popularity was classified as popular.
We found that @koa/cors demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.