corsen

corsen

A universal Cross-Origin Resource Sharing(CORS) middleware. Derrived from @koa/cors.

Installation

npm install corsen

or

yarn add corsen

Quick start

Enable cors with default options:

• origin: request Origin header
• allowMethods: GET,HEAD,PUT,POST,DELETE,PATCH

const http = require('http')
const cors = require('corsen')({
  // place your options here
})

const server = http.createServer((req, res) => {
  cors(req, res)
  // if you pass a function to options.origin and that function returns a Promise, you can use async/await: await cors(req, res)
  res.writeHead(200, { 'Content-Type': 'text/plain' })
  res.end('ok')
})

cors(options)

/**
 * CORS middleware
 *
 * @param {Object} [options]
 *  - {String|Function(req, res)} origin `access-control-allow-origin`, default is request Origin header
 *  - {String|Array} allowMethods `access-control-allow-methods`, default is 'GET,HEAD,PUT,POST,DELETE,PATCH'
 *  - {String|Array} exposeHeaders `access-control-expose-headers`
 *  - {String|Array} allowHeaders `access-control-allow-headers`
 *  - {String|Number} maxAge `access-control-max-age` in seconds
 *  - {Boolean} credentials `access-control-allow-credentials`
 * @return {Function} cors middleware
 * @api public
 */

Credit

All the commit before 71c4d00 are credited to koajs contributors.

Difference between corsen and @koa/cors

• The middleware function returned by corsen has a signature of function(http.IncomingMessage, http.ServerResponse), while @koa/cors recieves a koa's Context object.
• All the header names set in corsen are lowercase.
• corsen has removed the error handling utility of @koa/cors. There is not keepHeadersOnError porperty in options.

Examples

felid-cors A Felid plugin for CORS.

License

MIT