@marblejs/middleware-cors
Version:
A CORS middleware for Marble.js
53 lines (52 loc) • 2.04 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.configurePreflightResponse = void 0;
const utils_1 = require("@marblejs/core/dist/+internal/utils");
const checkOrigin_1 = require("./checkOrigin");
const applyHeaders_1 = require("./applyHeaders");
const util_1 = require("./util");
function configurePreflightResponse(req, res, options) {
const origin = req.headers.origin;
const headers = [];
res.statusCode = options.optionsSuccessStatus;
if (!(0, checkOrigin_1.checkOrigin)(req, options.origin)) {
return;
}
headers.push({ key: applyHeaders_1.AccessControlHeader.Origin, value: origin });
if (options.withCredentials) {
headers.push({ key: applyHeaders_1.AccessControlHeader.Credentials, value: 'true' });
}
if ((0, utils_1.isString)(options.allowHeaders) && options.allowHeaders === '*') {
headers.push({
key: applyHeaders_1.AccessControlHeader.Headers,
value: '*',
});
}
else if (Array.isArray(options.allowHeaders) &&
options.allowHeaders.length > 0) {
headers.push({
key: applyHeaders_1.AccessControlHeader.Headers,
value: options.allowHeaders.map(header => (0, util_1.capitalize)(header)).join(', '),
});
}
if (options.maxAge) {
headers.push({
key: applyHeaders_1.AccessControlHeader.MaxAge,
value: `${options.maxAge}`,
});
}
if (Array.isArray(options.methods) && options.methods.length > 0) {
if (req.headers['access-control-request-method'] &&
!options.methods.includes(req.headers['access-control-request-method'])) {
res.statusCode = 405;
}
else {
headers.push({
key: applyHeaders_1.AccessControlHeader.Methods,
value: options.methods.join(', '),
});
}
}
(0, applyHeaders_1.applyHeaders)(headers, res);
}
exports.configurePreflightResponse = configurePreflightResponse;