CORS
cors
is a middleware that implements
CORS.
import { cors } from '@shelepuginivan/lunatic'
app.use(cors())
app.post('/', (req, res) => { res.status(200).json({ message: 'now CORS is supported!' })})
app.listen(8000)
cors
is a configurable middleware, meaning that it accepts options
object:
import { cors, CorsOptions } from '@shelepuginivan/lunatic'
const corsOptions: CorsOptions = { origin: 'http://localhost:3000', credentials: true,}
app.use(cors(corsOptions))
app.post('/', (req, res) => { res.status(200).json({ message: 'now CORS is supported!' })})
app.listen(8000)
Configuration options
origin
Allowed request origins. The behavior depends on the type of the argument provided.
boolean
—true
enables CORS for all origins,false
disables CORSstring
— a specific origin, e.g.http://localhost:3000
RegExp
— all origins that match against the given regular expressionstring[]
— all origins that are present in the listRegExp[]
— all origins that match against one of the given regular expressions(origin: string) => boolean
— a predicate function that reports whether origin is allowed
Default: "*"
(enables CORS for all origins).
methods
Allowed request methods. The behavior depends on the type of the argument provided.
HttpMethod
— specific HTTP methodHttpMethod[]
— any of the HTTP method from the list
allowedHeaders
Allowed request headers. The behavior depends on the type of the argument provided.
string
— a specific headerstring[]
- all headers that present in the list
credentials
Whether to allow credentials. Accepts a boolean
.
Note that if origin is set to *
(as by default), credentials won’t be
included
exposedHeaders
Response headers that can be accessed in browser JavaScript. The behavior depends on the type of the argument provided.
string
— a specific headerstring[]
- all headers that present in the list
maxAge
Configures
Access-Control-Max-Age
header. Accepts a number
, which is a value in seconds.
corsErrorStatus
Response status if CORS is not allowed for this request. Accepts a number
.
Default: 403
preflightSuccessStatus
Response status for preflight
OPTIONS
request. Accepts a number
.
Default: 204