@tinyhttp/cors
A rewrite of expressjs/cors module.
HTTP cors header middleware
Install
pnpm i @tinyhttp/cors
API
import { cors } from '@tinyhttp/cors'
cors(options)
Returns the CORS middleware with the settings specified in the parameters
Options
origin
: Can be a string defining the Access-Control-Allow-Origin
value, a boolean which if set to true sets the header to '*'
or a function which contains the request and response as parameters and must return the value for the Access-Control-Allow-Origin
headermethods
: Array of method names which define the Access-Control-Allow-Methods
header, default to all the most common methods (GET
, HEAD
, PUT
, PATCH
, POST
, DELETE
)allowedHeaders
: Configures the Access-Control-Allow-Headers
CORS header. Expects an array (ex: ['Content-Type'
, 'Authorization'
]).exposedHeaders
: Configures the Access-Control-Expose-Headers
CORS header. If not specified, no custom headers are exposedcredentials
: Configures the Access-Control-Allow-Credentials
CORS header. Set to true to pass the header, otherwise it is omitted.maxAge
: Configures the Access-Control-Max-Age
CORS header. Set to an integer to pass the header, otherwise it is omitted.optionsSuccessStatus
: Provides a status code to use for successful OPTIONS requests, since some legacy browsers (IE11, various SmartTVs) choke on 204.
The default configuration is:
{
"origin": "*",
"methods": ["GET", "HEAD", "PUT", "PATCH", "POST", "DELETE"],
"optionsSuccessStatus": 204
}
Example
import { App } from '@tinyhttp/app'
import { cors } from '@tinyhttp/cors'
const app = new App()
app.use(cors({ origin: 'https://myfantastic.site/' }))
app.options('*', cors())
app.get('/', (req, res) => {
res.send('The headers contained in my response are defined in the cors middleware')
})
app.listen(3000)
Alternatives
License
MIT © BRA1L0R