cors-middleware

cors-middleware

Middleware to set your Cross Origin Resource Sharing headers in your http clients ✌🏽.

usage

cors-middleware functions as middleware that takes in req, res, ctx, done and sets all applicable headers on the res argument.

var corsMiddleware = require('cors-middleware')
var merry = require('merry')

var mw = merry.middleware
var cors = corsMiddleware({
  methods: 'GET',
  origin: 'http://localhost:8080'
})

var app = merry()
app.use(cors)
app.router('GET', '/', homeRoute)

function homeRoute (req, res, ctx) {
  console.log(res.getHeader('access-control-allow-origin')) // 'http://localhost:8080'
  ctx.send(200, { msg: 'woah cors headers are all set' })
}

cors = corsMiddleware(opts)

You can pass on a few options to the cors wrapper to handle the specific headers you might need. If not tho, we gotchu with some defaults.

• opts.headers: sets up headers that you want browsers to be able to access. Takes an array. Defaults to ['Content-Type', 'Accept', 'X-Requested-With'].
• opts.methods: these are methods that are allowed to access your resource. Also takes in an array. Will default to the usual suspects of ['PUT', 'POST', 'DELETE', 'GET', 'OPTIONS']
• opts.credentials: this indicates whether or not a request can be made using credentials. Will default to true.
• opts.origin: this specifies a URI that can access your resource. Takes in a string and will default to wildcard, '*'

related content

• shipharbor/merry
• CORS

License

MIT