ekit-cross-site

ekit-cross-site

Problem

You may face the problem with Access-Control-Allow-Origin when you want to call API on cross domain. Here is the simple solution for that.

Usage

Require ekit-cross-site module before all other API defination and put the list of allow site as below

Note: only use with expressjs

...
var app = express();

app.configure(function(){
  app.set('port', process.env.PORT || 3000);
  app.set('views', __dirname + '/views');
  ...
});

require('ekit-cross-site')(app, ['http://127.0.0.1:9000', 'http://0.0.0.0:9000']);
...

How does it look like

var config = {
	allow: ['http://127.0.0.1:9000', 'http://0.0.0.0:9000']
};

module.exports = function(app, allowList) {
	// allow
	config.allow = allowList;
	// allow request
	app.all('/*', function(req, res, next) {
		var isPass = false;
		for (var i in config.allow) {
			if (req.headers.origin === config.allow[i]) {
				isPass = true;
			}
		};
		if (isPass === true) {
			res.header('Access-Control-Allow-Origin', req.headers.origin);
			res.header('Access-Control-Allow-Methods', '*');
			res.header('Access-Control-Allow-Headers', 'Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept');
		};
		return next();
	});
}