Middleware to set your Cross Origin Resource Sharing headers in your http clients ✌🏽.
cors-middleware functions as middleware that takes in req, res, ctx,
done and sets all applicable headers on the res argument.
var corsMiddleware = require('cors-middleware')
var merry = require('merry')
var mw = merry.middleware
var cors = corsMiddleware({
methods: 'GET',
origin: 'http://localhost:8080'
})
var app = merry()
app.use(cors)
app.router('GET', '/', homeRoute)
function homeRoute (req, res, ctx) {
console.log(res.getHeader('access-control-allow-origin')) // 'http://localhost:8080'
ctx.send(200, { msg: 'woah cors headers are all set' })
}You can pass on a few options to the cors wrapper to handle the specific headers you might need. If not tho, we gotchu with some defaults.
- opts.headers: sets up headers that you want browsers to be able to access.
Takes an array. Defaults to
['Content-Type', 'Accept', 'X-Requested-With']. - opts.methods: these are methods that are allowed to access your resource.
Also takes in an array. Will default to the usual suspects of
['PUT', 'POST', 'DELETE', 'GET', 'OPTIONS'] - opts.credentials: this indicates whether or not a request can be made using credentials. Will default to true.
- opts.origin: this specifies a URI that can access your resource. Takes in
a string and will default to wildcard,
'*'