it requires node v7.6.0 or higher now
npm install --save koa2-cors
var Koa = require('koa');
var cors = require('koa2-cors');
var app = new Koa();
app.use(cors());
Configures the Access-Control-Allow-Origin CORS header. expects a string. Can also be set to a function, which takes the ctx as the first parameter.
Configures the Access-Control-Expose-Headers CORS header. Expects a comma-delimited array.
Configures the Access-Control-Max-Age CORS header. Expects a Number.
Configures the Access-Control-Allow-Credentials CORS header. Expects a Boolean.
Configures the Access-Control-Allow-Methods CORS header. Expects a comma-delimited array , If not specified, default allowMethods is ['GET', 'PUT', 'POST', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'].
Configures the Access-Control-Allow-Headers CORS header. Expects a comma-delimited array . If not specified, defaults to reflecting the headers specified in the request's Access-Control-Request-Headers header.
var Koa = require('koa');
var cors = require('koa2-cors');
var app = new Koa();
app.use(cors({
origin: function(ctx) {
if (ctx.url === '/test') {
return false;
}
return '*';
},
exposeHeaders: ['WWW-Authenticate', 'Server-Authorization'],
maxAge: 5,
credentials: true,
allowMethods: ['GET', 'POST', 'DELETE'],
allowHeaders: ['Content-Type', 'Authorization', 'Accept'],
}));
...
FAQs
cors middleware for koa2
The npm package koa2-cors receives a total of 15,596 weekly downloads. As such, koa2-cors popularity was classified as popular.
We found that koa2-cors demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
ECMAScript 2025 introduces Iterator Helpers, Set methods, JSON modules, and more in its latest spec update approved by Ecma in June 2025.
Security News
A new Node.js homepage button linking to paid support for EOL versions has sparked a heated discussion among contributors and the wider community.
Research
North Korean threat actors linked to the Contagious Interview campaign return with 35 new malicious npm packages using a stealthy multi-stage malware loader.