lambda-serverless-api - npm Package Compare versions

Comparing version 10.0.2 to 10.1.0

lib/plugin/cors.js

@@ -8,5 +8,3 @@ import get from 'lodash.get';
 
-const extractOrigins = (allowedOrigins, kwargs) => (Array.isArray(allowedOrigins)
-  ? allowedOrigins
-  : allowedOrigins(kwargs));
+const compile = (staticOrFn, kwargs) => (typeof staticOrFn === 'function' ? staticOrFn(kwargs) : staticOrFn);
 
@@ -18,2 +16,3 @@ class Cors extends Plugin {
     this.allowedOrigins = get(options, 'allowedOrigins', []);
+    this.responseHeaders = get(options, 'responseHeaders', {});
   }
@@ -25,3 +24,4 @@
         allowedHeaders: Joi.alternatives(Joi.array().items(Joi.string()), Joi.function()).optional(),
-        allowedOrigins: Joi.alternatives(Joi.array().items(Joi.string()), Joi.function()).optional()
+        allowedOrigins: Joi.alternatives(Joi.array().items(Joi.string()), Joi.function()).optional(),
+        responseHeaders: Joi.alternatives(Joi.object().pattern(Joi.string(), Joi.string()), Joi.function()).optional()
       }).optional()
@@ -53,3 +53,3 @@ };
 
-    const allowedOrigins = await extractOrigins(this.allowedOrigins, kwargs);
+    const allowedOrigins = await compile(this.allowedOrigins, kwargs);
     if (!allowedOrigins.includes(origin) && !allowedOrigins.includes('*')) {
@@ -65,3 +65,3 @@ throw ApiError('Origin not allowed', 403);
       'Origin',
-      ...(Array.isArray(this.allowedHeaders) ? this.allowedHeaders : await this.allowedHeaders(kwargs))
+      ...compile(this.allowedHeaders, kwargs)
     ].map((h) => h.toLowerCase());
@@ -76,3 +76,4 @@ if (!accessControlRequestHeaders.split(',').map((h) => h
       'Access-Control-Allow-Headers': allowedHeaders.join(','),
-      'Access-Control-Allow-Methods': accessControlRequestMethod
+      'Access-Control-Allow-Methods': accessControlRequestMethod,
+      ...compile(this.responseHeaders, kwargs)
     });
@@ -99,3 +100,3 @@ }
 
-    const allowedOrigins = await extractOrigins(this.allowedOrigins, kwargs);
+    const allowedOrigins = await compile(this.allowedOrigins, kwargs);
     cors.allowOrigin = allowedOrigins.includes(origin) || allowedOrigins.includes('*');
@@ -102,0 +103,0 @@ }

package.json

@@ -42,3 +42,3 @@ {
   },
-  "version": "10.0.2",
+  "version": "10.1.0",
   "scripts": {
@@ -45,0 +45,0 @@ "clean": "rm -rf lib",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

99005

increased by0.14%

Lines of code

2895

increased by0.03%

No dependency changes