Launch Week Day 3: Introducing Organization Notifications in Socket.Learn More
Socket
Book a DemoSign in
Socket
Book a DemoSign in

fastify-cors

Package Overview
Dependencies
Maintainers
17
Versions
26
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

fastify-cors - npm Package Compare versions

Comparing version
6.0.2
 to
6.0.3
+7
-6
.github/dependabot.yml
version: 2
updates:
- package-ecosystem: github-actions
directory: '/'
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: daily
interval: "monthly"
open-pull-requests-limit: 10
- package-ecosystem: npm
directory: '/'
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: daily
interval: "weekly"
open-pull-requests-limit: 10
+21
-20
.github/workflows/ci.yml
name: CI
on:
'on':
push:
paths-ignore:
- 'docs/**'
- docs/**
- '*.md'
pull_request:
paths-ignore:
- 'docs/**'
- docs/**
- '*.md'
jobs:
test:
runs-on: ${{ matrix.os }}
strategy:
matrix:
node-version: [10, 12, 13, 14, 16]
os: [macos-latest, ubuntu-latest, windows-latest]
node-version:
- 10
- 12
- 13
- 14
- 16
os:
- macos-latest
- ubuntu-latest
- windows-latest
steps:
- uses: actions/checkout@v2.3.4
- uses: actions/checkout@v2
- name: Use Node.js
uses: actions/setup-node@v2.2.0
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
- name: Install Dependencies
run: |
npm install --ignore-scripts
- name: Run Tests
run: |
npm run test:ci
- name: Coveralls Parallel
uses: coverallsapp/github-action@v1.1.2
uses: coverallsapp/github-action@1.1.3
with:

@@ -44,3 +44,2 @@ github-token: ${{ secrets.GITHUB_TOKEN }}

flag-name: run-${{ matrix.node-version }}-${{ matrix.os }}
coverage:

@@ -51,13 +50,15 @@ needs: test

- name: Coveralls Finished
uses: coverallsapp/github-action@v1.1.2
uses: coverallsapp/github-action@1.1.3
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
parallel-finished: true
automerge:
needs: test
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: write
steps:
- uses: fastify/github-action-merge-dependabot@v2.2.0
- uses: fastify/github-action-merge-dependabot@v3
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
+1
-0
index.js

@@ -213,2 +213,3 @@ 'use strict'

} else if (allowedOrigin instanceof RegExp) {
allowedOrigin.lastIndex = 0
return allowedOrigin.test(reqOrigin)

@@ -215,0 +216,0 @@ } else {

+5
-5
package.json
{
"name": "fastify-cors",
"version": "6.0.2",
"version": "6.0.3",
"description": "Fastify CORS",

@@ -36,5 +36,5 @@ "main": "index.js",

"devDependencies": {
"@types/node": "^16.0.0",
"@typescript-eslint/eslint-plugin": "^4.0.0",
"@typescript-eslint/parser": "^4.1.1",
"@types/node": "^17.0.0",
"@typescript-eslint/eslint-plugin": "^5.12.1",
"@typescript-eslint/parser": "^5.12.1",
"cors": "^2.8.5",

@@ -44,3 +44,3 @@ "fastify": "^3.8.0",

"tap": "^15.0.2",
"tsd": "^0.17.0",
"tsd": "^0.19.0",
"typescript": "^4.0.2"

@@ -47,0 +47,0 @@ },

+15
-9
README.md

@@ -46,3 +46,4 @@ # fastify-cors

origin: (origin, cb) => {
if(/localhost/.test(origin)){
const hostname = new URL(origin).hostname
if(hostname === "localhost"){
// Request from localhost will pass

@@ -72,11 +73,16 @@ cb(null, true)

fastify.register(require('fastify-cors'), (instance) => (req, callback) => {
let corsOptions;
// do not include CORS headers for requests from localhost
if (/localhost/.test(origin)) {
corsOptions = { origin: false }
} else {
corsOptions = { origin: true }
fastify.register(require('fastify-cors'), function (instance) {
return (req, callback) => {
let corsOptions;
const origin = req.headers.origin
// do not include CORS headers for requests from localhost
const hostname = new URL(origin).hostname
if(hostname === "localhost"){
corsOptions = { origin: false }
} else {
corsOptions = { origin: true }
}
callback(null, corsOptions) // callback expects two parameters: error and options
}
callback(null, corsOptions) // callback expects two parameters: error and options
})

@@ -83,0 +89,0 @@ 

+20
-15
test/cors.test.js

@@ -634,6 +634,6 @@ 'use strict'

test('Allow only request from a specific origin using regex', t => {
t.plan(4)
t.plan(8)
const fastify = Fastify()
fastify.register(cors, { origin: /^(example|other)\.com/ })
fastify.register(cors, { origin: /(example|other)\.com/gi })

@@ -644,16 +644,21 @@ fastify.get('/', (req, reply) => {

fastify.inject({
method: 'GET',
url: '/',
headers: { origin: 'example.com' }
}, (err, res) => {
t.error(err)
delete res.headers.date
t.equal(res.statusCode, 200)
t.equal(res.payload, 'ok')
t.match(res.headers, {
'access-control-allow-origin': 'example.com',
vary: 'Origin'
// .test was previously used, which caused 2 consecutive requests to return
// different results with global (e.g. /g) regexes. Therefore, check this
// twice to check consistency
for (let i = 0; i < 2; i++) {
fastify.inject({
method: 'GET',
url: '/',
headers: { origin: 'https://www.example.com/' }
}, (err, res) => {
t.error(err)
delete res.headers.date
t.equal(res.statusCode, 200)
t.equal(res.payload, 'ok')
t.match(res.headers, {
'access-control-allow-origin': 'https://www.example.com/',
vary: 'Origin'
})
})
})
}
})

@@ -660,0 +665,0 @@