@nodeboot/http-server
Node-Boot http server package. It provides a simple way to create HTTP servers using Node.js, with support for routing, middleware, and request handling.
;
// Conventional `__esModule` marker on the CommonJS exports object.
Object.defineProperty(exports, "__esModule", { value: true });
// Public API of this module. Both names are function declarations further
// down, so they are hoisted and already defined at this point.
exports.isOriginAllowed = isOriginAllowed;
exports.applyCorsHeaders = applyCorsHeaders;
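/**
 * Decide whether a request's Origin header matches an allow-list entry.
 *
 * Matching rules, by type of `allowedOrigin`:
 *  - array:   allowed if any element matches (checked recursively);
 *  - string:  exact, case-sensitive comparison (so "*" is NOT a wildcard here);
 *  - RegExp:  allowed if the pattern matches the origin;
 *  - other:   coerced with Boolean() - `true` allows all, `false` blocks all.
 *
 * @param {string | undefined} requestOrigin - Value of the request's Origin header.
 * @param {string | RegExp | boolean | Array<string | RegExp | boolean>} allowedOrigin
 * @returns {boolean} True when the origin is allowed.
 */
function isOriginAllowed(requestOrigin, allowedOrigin) {
  // No Origin header: nothing to match against, so fail closed.
  if (!requestOrigin) {
    return false;
  }
  if (Array.isArray(allowedOrigin)) {
    return allowedOrigin.some((candidate) => isOriginAllowed(requestOrigin, candidate));
  }
  if (typeof allowedOrigin === "string") {
    return requestOrigin === allowedOrigin;
  }
  if (allowedOrigin instanceof RegExp) {
    // A /g or /y pattern keeps `lastIndex` between calls, so the same origin
    // would alternate between allowed and denied. Reset it before every test.
    allowedOrigin.lastIndex = 0;
    // NOTE(review): patterns should be anchored (^...$) with literal dots
    // escaped; an unanchored pattern also matches look-alike origins that
    // merely contain the expected host name.
    return allowedOrigin.test(requestOrigin);
  }
  // NOTE(review): any other truthy value (number, object, function) is treated
  // as "allow all"; only `true` is documented. Consider `allowedOrigin === true`
  // if callers never rely on the coercion.
  return Boolean(allowedOrigin); // true allows all, false blocks all
}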
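/**
 * Apply CORS response headers for a request and short-circuit preflights.
 *
 * `options.origin` may be:
 *  - `true` or "*": respond with `Access-Control-Allow-Origin: *`;
 *  - a string, RegExp, boolean or array of those: the request origin is
 *    echoed back only when `isOriginAllowed` accepts it;
 *  - a function `(requestOrigin, callback)`: the callback receives
 *    `(err, allow)` and `allow` is then matched like a static value.
 *
 * @param {object} req - Incoming request; `headers.origin` and `method` are read.
 * @param {object} res - Response; headers, `statusCode` and `end()` may be used.
 * @param {object} [options] - CORS options (see the destructuring below for defaults).
 * @returns {Promise<boolean>} `true` to continue request processing, `false`
 *   to stop. `false` is returned after a preflight has been answered, and also
 *   when a dynamic origin callback reports an error or `allow === false`; in
 *   that second case the response has NOT been ended by this function.
 */
async function applyCorsHeaders(req, res, options = {}) {
  const requestOrigin = req.headers.origin;
  // Every OPTIONS request is treated as a preflight, with or without an Origin header.
  const isPreflight = req.method === "OPTIONS";
  const {
    origin = "*",
    methods = "GET,HEAD,PUT,PATCH,POST,DELETE",
    allowedHeaders,
    exposedHeaders,
    credentials = false,
    maxAge,
    preflightContinue = false,
    optionsSuccessStatus = 204,
  } = options;

  // Shared tail of the static and dynamic paths: emit headers for an accepted
  // origin, then decide whether the preflight ends here.
  const finish = (resolvedOrigin) => {
    if (resolvedOrigin) {
      setCorsHeaders(res, {
        resolvedOrigin,
        methods,
        allowedHeaders,
        exposedHeaders,
        credentials,
        maxAge,
      });
    }
    if (isPreflight && !preflightContinue) {
      res.statusCode = optionsSuccessStatus;
      res.end();
      return false; // stop processing
    }
    return true; // continue processing
  };

  // Handle dynamic origin
  if (typeof origin === "function") {
    return new Promise((resolve, reject) => {
      origin(requestOrigin, (err, allow) => {
        // The callback may run after the executor has returned, so anything
        // thrown here would otherwise be an uncaught exception and leave the
        // promise pending. Route it to the awaiting caller instead.
        try {
          if (err || allow === false) {
            resolve(false);
            return;
          }
          // NOTE(review): `allow ?? "*"` reads like "no value means allow all",
          // but isOriginAllowed compares strings exactly, so a nullish `allow`
          // (and a literal "*") currently matches no origin and no CORS headers
          // are sent. That is fail-closed; confirm the intended policy before
          // changing it. `allow === true` echoes the request origin, which
          // combined with `credentials: true` grants credentialed access to any
          // origin - make sure the callback really validates the origin.
          const accepted = requestOrigin && isOriginAllowed(requestOrigin, allow ?? "*");
          resolve(finish(accepted ? requestOrigin : undefined));
        } catch (error) {
          reject(error);
        }
      });
    });
  }

  // Static origin matching
  if (origin === true || origin === "*") {
    // NOTE(review): browsers reject a wildcard origin on credentialed
    // requests, so `credentials: true` needs an explicit allow-list.
    return finish("*");
  }
  return finish(isOriginAllowed(requestOrigin, origin) ? requestOrigin : undefined);
}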
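/**
 * Write the CORS response headers for an already-accepted origin.
 *
 * @param {object} res - Response exposing `setHeader` (and optionally `getHeader`).
 * @param {object} cors
 * @param {string} cors.resolvedOrigin - "*" or the echoed request origin.
 * @param {string | string[]} [cors.methods] - Allowed methods.
 * @param {string | string[]} [cors.allowedHeaders] - Allowed request headers.
 * @param {string | string[]} [cors.exposedHeaders] - Response headers exposed to scripts.
 * @param {boolean} [cors.credentials] - Emit `Access-Control-Allow-Credentials: true`.
 * @param {number | string} [cors.maxAge] - Preflight cache lifetime in seconds.
 */
function setCorsHeaders(res, { resolvedOrigin, methods, allowedHeaders, exposedHeaders, credentials, maxAge, }) {
  const toList = (value) => (Array.isArray(value) ? value.join(",") : value);

  res.setHeader("Access-Control-Allow-Origin", resolvedOrigin);
  if (resolvedOrigin !== "*") {
    // The header value now depends on the request's Origin, so shared caches
    // must key on it; otherwise a response cached for one origin can be
    // served to another. Append to any existing Vary value, don't replace it.
    const current = typeof res.getHeader === "function" ? res.getHeader("Vary") : undefined;
    const existing = current == null || current === "" ? [] : String(toList(current)).split(",").map((token) => token.trim());
    const alreadyCovered = existing.some((token) => token === "*" || token.toLowerCase() === "origin");
    if (!alreadyCovered) {
      res.setHeader("Vary", [...existing, "Origin"].join(", "));
    }
  }
  if (credentials) {
    res.setHeader("Access-Control-Allow-Credentials", "true");
  }
  if (methods) {
    res.setHeader("Access-Control-Allow-Methods", toList(methods));
  }
  if (allowedHeaders) {
    res.setHeader("Access-Control-Allow-Headers", toList(allowedHeaders));
  }
  if (exposedHeaders) {
    res.setHeader("Access-Control-Expose-Headers", toList(exposedHeaders));
  }
  // 0 is a meaningful value (do not cache the preflight), so it must not be
  // dropped by a truthiness check.
  if (maxAge || maxAge === 0) {
    res.setHeader("Access-Control-Max-Age", maxAge.toString());
  }
}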
//# sourceMappingURL=cors.js.map