@middy/http-cors - npm Package Compare versions

Comparing version 1.0.0-beta.4 to 1.0.0-beta.5

__tests__/index.js

@@ -435,2 +435,99 @@ const { invoke } = require('../../test-helpers')
   })
+
+  test('it should set Cache-Control header if present in config and http method OPTIONS', async () => {
+    const handler = middy((event, context, cb) => {
+      cb(null, {})
+    })
+
+    handler.use(cors({ cacheControl: 'max-age=3600, s-maxage=3600, proxy-revalidate' }))
+
+    const event = {
+      httpMethod: 'OPTIONS'
+    }
+
+    const response = await invoke(handler, event)
+    expect(response).toEqual({
+      headers: {
+        'Access-Control-Allow-Origin': '*',
+        'Cache-Control': 'max-age=3600, s-maxage=3600, proxy-revalidate'
+      }
+    })
+  })
+
+  test.each(['GET', 'POST', 'PUT', 'PATCH'])('it should not set Cache-Control header on %s', async (httpMethod) => {
+    const handler = middy((event, context, cb) => {
+      cb(null, {})
+    })
+
+    handler.use(cors({ cacheControl: 'max-age=3600, s-maxage=3600, proxy-revalidate' }))
+
+    const event = { httpMethod }
+
+    const response = await invoke(handler, event)
+    expect(response).toEqual({
+      headers: {
+        'Access-Control-Allow-Origin': '*'
+      }
+    })
+  })
+
+  test('it should not overwrite Cache-Control header if already set', async () => {
+    const handler = middy((event, context, cb) => {
+      cb(null, { headers: { 'Cache-Control': 'max-age=1200' } })
+    })
+
+    handler.use(cors({ cacheControl: 'max-age=3600, s-maxage=3600, proxy-revalidate' }))
+
+    const event = {
+      httpMethod: 'OPTIONS'
+    }
+
+    const response = await invoke(handler, event)
+    expect(response).toEqual({
+      headers: {
+        'Access-Control-Allow-Origin': '*',
+        'Cache-Control': 'max-age=1200'
+      }
+    })
+  })
+
+  test('it should set Access-Control-Max-Age header if present in config', async () => {
+    const handler = middy((event, context, cb) => {
+      cb(null, {})
+    })
+
+    handler.use(cors({ maxAge: '3600' }))
+
+    const event = {
+      httpMethod: 'GET'
+    }
+
+    const response = await invoke(handler, event)
+    expect(response).toEqual({
+      headers: {
+        'Access-Control-Allow-Origin': '*',
+        'Access-Control-Max-Age': '3600'
+      }
+    })
+  })
+
+  test('it should not overwrite Access-Control-Max-Age header if already set', async () => {
+    const handler = middy((event, context, cb) => {
+      cb(null, { headers: { 'Access-Control-Max-Age': '-1' } })
+    })
+
+    handler.use(cors({ maxAge: '3600' }))
+
+    const event = {
+      httpMethod: 'GET'
+    }
+
+    const response = await invoke(handler, event)
+    expect(response).toEqual({
+      headers: {
+        'Access-Control-Allow-Origin': '*',
+        'Access-Control-Max-Age': '-1'
+      }
+    })
+  })
 })

index.d.ts

@@ -8,2 +8,4 @@ import middy from '@middy/core'
   credentials?: boolean;
+  maxAge?: string;
+  cacheControl?: string;
 }
@@ -10,0 +12,0 @@

index.js

@@ -20,3 +20,5 @@ const getOrigin = (incomingOrigin, options) => {
   headers: null,
-  credentials: false
+  credentials: false,
+  maxAge: null,
+  cacheControl: null
 }
@@ -51,2 +53,12 @@
     }
+
+    if (options.maxAge && !Object.prototype.hasOwnProperty.call(handler.response.headers, 'Access-Control-Max-Age')) {
+      handler.response.headers['Access-Control-Max-Age'] = String(options.maxAge)
+    }
+
+    if (handler.event.httpMethod === 'OPTIONS') {
+      if (options.cacheControl && !Object.prototype.hasOwnProperty.call(handler.response.headers, 'Cache-Control')) {
+        handler.response.headers['Cache-Control'] = String(options.cacheControl)
+      }
+    }
   }
@@ -53,0 +65,0 @@

package.json

 {
   "name": "@middy/http-cors",
-  "version": "1.0.0-beta.4",
+  "version": "1.0.0-beta.5",
   "description": "CORS (Cross-Origin Resource Sharing) middleware for the middy framework",
@@ -45,6 +45,6 @@ "engines": {
   "devDependencies": {
-    "@middy/core": "^1.0.0-beta.4",
+    "@middy/core": "^1.0.0-beta.5",
     "es6-promisify": "^6.0.2"
   },
-  "gitHead": "1ae0db3b415fe9b6f6cb26c70bf0d572631e64f4"
+  "gitHead": "15f97b9e96fe0218d954d7190b16517909c8bdef"
 }

README.md

@@ -52,2 +52,4 @@ # Middy CORS middleware
  - `credentials` (bool) (optional): if true, sets the `Access-Control-Allow-Origin` as request header `Origin`, if present (default `false`)
+ - `maxAge` (string) (optional): value to put in Access-Control-Max-Age header (default: `null`)
+ - `cacheControl` (string) (optional): value to put in Cache-Control header on pre-flight (OPTIONS) requests (default: `null`)
 
@@ -54,0 +56,0 @@ NOTES:

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

21862

increased by18.16%

Lines of code

513

increased by20.99%

Number of lines in readme file

116

increased by1.75%

No dependency changes