UNPKG

event_request

Version:

A Backend Server

stefangenov.site/projects

Michaelpalacce/EventRequest

105 lines (84 loc) 2.82 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
'use strict'; const PluginInterface = require( '../plugin_interface' ); /** * @brief Plugin used to apply common CORS headers */ class CorsPlugin extends PluginInterface { /** * @param {String} pluginId * @param {Object} options */ constructor( pluginId, options = {} ) { super( pluginId, options ); this.setOptions( options ); } /** * @param {Object} options */ setOptions( options = {} ) { super.setOptions( options ); this.origin = Array.isArray( this.options.origin ) || typeof this.options.origin === 'string' ? this.options.origin : '*'; this.headers = Array.isArray( this.options.headers ) ? this.options.headers.join( ', ' ) : '*'; this.methods = Array.isArray( this.options.methods ) ? this.options.methods.join( ', ' ) : 'POST, PUT, GET, DELETE, HEAD, PATCH, COPY'; this.status = typeof this.options.status === 'number' ? this.options.status : 204; this.maxAge = typeof this.options.maxAge === 'number' ? this.options.maxAge : null; this.credentials = typeof this.options.credentials === 'boolean' ? this.options.credentials : null; this.exposedHeader = Array.isArray( this.options.exposedHeaders ) ? this.options.exposedHeaders.join( ', ' ) : null; } /** * @brief Applies all the CORS headers to the response * * @param {EventRequest} event */ applyCors( event ) { if ( ! Array.isArray( this.origin ) ) { if ( this.origin === 'er_dynamic' ) event.setResponseHeader( 'Access-Control-Allow-Origin', event.getRequestHeader( 'origin' ) || '*' ); else event.setResponseHeader( 'Access-Control-Allow-Origin', this.origin ); } else { const requestOrigin = event.getRequestHeader( 'origin' ); if ( this.origin.includes( requestOrigin ) ) event.setResponseHeader( 'Access-Control-Allow-Origin', requestOrigin ); else event.setResponseHeader( 'Access-Control-Allow-Origin', this.origin[0] || '*' ); } event.setResponseHeader( 'Access-Control-Allow-Headers', this.headers ); if ( this.exposedHeader !== null ) event.setResponseHeader( 'Access-Control-Expose-Headers', this.exposedHeader ); if ( this.maxAge !== null ) event.setResponseHeader( 'Access-Control-Max-Age', this.maxAge ); if ( this.credentials === true ) event.setResponseHeader( 'Access-Control-Allow-Credentials', 'true' ); if ( event.method === 'OPTIONS' ) { event.setResponseHeader( 'Access-Control-Allow-Methods', this.methods ); event.send( '', this.status ); return; } event.next(); } /** * @brief Gets the cors middleware that adds the extra CORS headers * * @return {Array} */ getPluginMiddleware() { return [{ handler : this.applyCors.bind( this ) }]; } } module.exports = CorsPlugin;