Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@lbu/server

Package Overview
Dependencies
Maintainers
2
Versions
98
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@lbu/server - npm Package Compare versions

Comparing version 0.0.40 to 0.0.41

13

index.d.ts

@@ -1232,3 +1232,3 @@ // Original types from @types/koa & @types/koa-compose

*/
origin?: string | ((ctx: Context) => string | boolean);
origin?: string | ((ctx: Context) => string | undefined);

@@ -1238,3 +1238,3 @@ /**

*/
exposeHeaders?: string[];
exposeHeaders?: string[] | string;

@@ -1255,3 +1255,3 @@ /**

*/
allowMethods?: string[];
allowMethods?: string[] | string;

@@ -1261,8 +1261,3 @@ /**

*/
allowHeaders?: string[];
/**
* By default, and if false, won't call next, but just returns undefined
*/
returnNext?: boolean;
allowHeaders?: string[] | string;
}

@@ -1269,0 +1264,0 @@

8

package.json
{
"name": "@lbu/server",
"version": "0.0.40",
"version": "0.0.41",
"description": "Koa server and common middleware",

@@ -19,4 +19,4 @@ "main": "./index.js",

"dependencies": {
"@lbu/insight": "0.0.40",
"@lbu/stdlib": "0.0.40",
"@lbu/insight": "0.0.41",
"@lbu/stdlib": "0.0.41",
"keygrip": "1.1.0",

@@ -42,3 +42,3 @@ "koa": "2.13.0",

},
"gitHead": "382078854df41ea429809b4cb8eced0106140b21"
"gitHead": "7498e3fc7cf0232472d8ebeec32bd62acd9d3a64"
}

57

src/middleware/cors.js

@@ -42,3 +42,19 @@ /*

let originFn = (ctx) => options.origin || ctx.get("Origin") || "*";
if (Array.isArray(opts.exposeHeaders)) {
opts.exposeHeaders = opts.exposeHeaders.join(",");
}
if (Array.isArray(opts.allowHeaders)) {
opts.allowHeaders = opts.allowHeaders.join(",");
}
if (Array.isArray(opts.allowMethods)) {
opts.allowMethods = opts.allowMethods.join(",");
}
if (opts.maxAge) {
opts.maxAge = String(opts.maxAge);
}
let originFn = (ctx) => options.origin || ctx.get("origin") || "*";
if (typeof options.origin === "function") {

@@ -51,4 +67,7 @@ originFn = options.origin;

// Use CORS_URL array provided via environment variables
const allowedOrigins = (process.env.CORS_URL || "").split(",");
originFn = (ctx) =>
(process.env.CORS_URL || "").split(",").indexOf(ctx.get("Origin")) !== -1;
allowedOrigins.indexOf(ctx.get("origin")) !== -1
? ctx.get("origin")
: undefined;
}

@@ -58,4 +77,2 @@

return (ctx, next) => {
const returnValue = opts.returnNext ? next : () => undefined;
// always set vary Origin Header

@@ -67,34 +84,28 @@ // https://github.com/rs/cors/issues/10

if (!origin) {
return returnValue();
return next();
}
// Access-Control-Allow-Origin
ctx.set("Access-Control-Allow-Origin", origin);
if (ctx.method === "OPTIONS") {
// Preflight Request
if (!ctx.get("Access-Control-Request-Method")) {
return returnValue();
// Invalid request, skip directly
return next();
}
// Access-Control-Max-Age
ctx.set("Access-Control-Allow-Origin", origin);
if (opts.maxAge) {
ctx.set("Access-Control-Max-Age", String(opts.maxAge));
ctx.set("Access-Control-Max-Age", opts.maxAge);
}
// Access-Control-Allow-Credentials
if (opts.credentials === true) {
// When used as part of a response to a preflight request,
// this indicates whether or not the actual request can be made using credentials.
ctx.set("Access-Control-Allow-Credentials", "true");
}
// Access-Control-Allow-Methods
if (opts.allowMethods) {
ctx.set("Access-Control-Allow-Methods", opts.allowMethods.join(","));
ctx.set("Access-Control-Allow-Methods", opts.allowMethods);
}
// Access-Control-Allow-Headers
if (opts.allowHeaders) {
ctx.set("Access-Control-Allow-Headers", opts.allowHeaders.join(","));
ctx.set("Access-Control-Allow-Headers", opts.allowHeaders);
} else {

@@ -109,4 +120,5 @@ ctx.set(

} else {
// Request
// Access-Control-Allow-Credentials
// Non OPTIONS request
ctx.set("Access-Control-Allow-Origin", origin);
if (opts.credentials === true) {

@@ -121,10 +133,9 @@ if (origin === "*") {

// Access-Control-Expose-Headers
if (opts.exposeHeaders) {
ctx.set("Access-Control-Expose-Headers", opts.exposeHeaders.join(","));
ctx.set("Access-Control-Expose-Headers", opts.exposeHeaders);
}
return returnValue();
return next();
}
};
}

6

src/middleware/headers.js

@@ -15,4 +15,3 @@ import { cors } from "./cors.js";

};
const corsOptions = opts.cors || {};
corsOptions.returnNext = false;
const corsExec = cors(opts.cors);

@@ -22,6 +21,5 @@

ctx.set(standardHeaders);
corsExec(ctx);
return next();
return corsExec(ctx, next);
};
}
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc