koa-cors - npm Package Compare versions

Comparing version 0.0.13 to 0.0.14

index.js

@@ -9,3 +9,3 @@ /**
 module.exports = function(settings) {
-
+  "use strict";
   var defaults = {
@@ -33,7 +33,13 @@ origin: function(req) {
     var origin;
+
     if (typeof options.origin === 'string') {
       origin = options.origin;
+    } else if (typeof options.origin === 'function') {
+      origin = options.origin(this.request);
     } else {
       origin = defaults.origin(this.request);
     }
+
+    if (origin === false) return;
+
     this.set('Access-Control-Allow-Origin', origin);
@@ -99,4 +105,4 @@
 
-  }
+  };
 
 };

package.json

 {
   "name": "koa-cors",
-  "version": "0.0.13",
+  "version": "0.0.14",
   "description": "CORS middleware for Koa",
@@ -5,0 +5,0 @@ "main": "index.js",

test/index.js

@@ -152,2 +152,51 @@ var koa        = require('koa');
 
+describe('cors({ origin: [function]})', function() {
+
+  beforeEach(function() {
+    var originWhiteList = ["localhost", "otherhost.com"];
+
+    var originFunction = function(req) {
+      var origin = req.header.origin;
+      if (originWhiteList.indexOf(origin) !== -1) {
+        return origin;
+      }
+      return false;
+    }
+
+    setupServer({ origin: originFunction });
+  });
+
+  it('should not set any "Access-Control-Allow-*" header', function(done) {
+    superagent.get('http://localhost:3000')
+    .set('Origin', 'example.com')
+      .end(function(response) {
+        chai.expect(response.get('Access-Control-Allow-Origin')).to.not.exist;
+        chai.expect(response.get('Access-Control-Allow-Methods')).to.not.exist;
+
+        done();
+      });
+  });
+
+  it('should set "Access-Control-Allow-Origin" to "otherhost.com"', function(done) {
+    superagent.get('http://localhost:3000')
+    .set('Origin', 'otherhost.com')
+      .end(function(response) {
+        chai.expect(response.get('Access-Control-Allow-Origin')).to.equal('otherhost.com');
+
+        done();
+      });
+  });
+
+  it('should set "Access-Control-Allow-Origin" to "localhost"', function(done) {
+    superagent.get('http://localhost:3000')
+    .set('Origin', 'localhost')
+      .end(function(response) {
+        chai.expect(response.get('Access-Control-Allow-Origin')).to.equal('localhost');
+
+        done();
+      });
+  });
+
+});
+
 describe('cors({ expose: "Acccept,Authorization" })', function() {
@@ -154,0 +203,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

14597

increased by11.89%

Lines of code

337

increased by14.24%

No dependency changes