serverless-cors-plugin
Advanced tools
Readme
A Serverless Plugin for the Serverless Framework which adds support for CORS (Cross-origin resource sharing).
THIS PLUGIN REQUIRES SERVERLESS V0.5 OR HIGHER!
This plugins does the following:
It will add CORS response headers to all resource methods with a CORS-policy configured.
It will add an OPTIONS preflight endpoint with the proper headers for all
resources with a CORS-policy configured.
In your project root, run:
npm install --save serverless-cors-plugin
Add the plugin to s-project.json:
"plugins": [
"serverless-cors-plugin"
]
To find the best compatible (major) version, use the table below:
| Serverless version | Plugin version |
|---|---|
| v0.1 | v0.1 |
| v0.2-v0.3 | v0.2 |
| v0.4 | v0.3 |
| v0.5 | v0.4 |
Add the following properties to s-function.json to configure a CORS-policy:
"custom": {
"cors": {
"allowOrigin": "*",
"allowHeaders": ["Content-Type", "X-Amz-Date", "Authorization", "X-Api-Key"]
}
}
The allowOrigin property is required, the other headers are optional. You can also add this
configuration to s-project.json instead of s-function.json to apply the CORS-policy
project-wide.
Run endpoint deploy and the CORS headers will dynamically be configured and deployed.
Use the -a / --all flag to deploy pre-flight OPTIONS endpoints.
Caution: you will probably notice some warnings on missing stage and region
template variables. These can be ignored until the issue is fixed.
These are all options you can use:
| Option | Type | Example |
|---|---|---|
allowOrigin | String | "*" |
allowHeaders | Array | ["Content-Type", "X-Api-Key"] |
allowCredentials | Boolean | true |
exposeHeaders | Array | ["Content-Type", "X-Api-Key"] |
maxAge | Number | 3600 |
For more information, read the CORS documentation.
ISC License. See the LICENSE file.
FAQs
Serverless CORS Plugin - Managing Cross-origin resource sharing (CORS) policies
The npm package serverless-cors-plugin receives a total of 206 weekly downloads. As such, serverless-cors-plugin popularity was classified as not popular.
We found that serverless-cors-plugin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.