itty-router-extras/middleware/withCors.js

An assortment of delicious extras for the calorie-light itty-router.

const withCors=(e={})=>s=>{const{origin:o="*",methods:r="GET, POST, PATCH, DELETE",headers:t="authorization, referer, origin, content-type",credentials:l=!1}=e,n=s.headers.get("Referer"),c=new URL(n),i=(c.origin.match(/[^\w](slick\.af)|(localhost:3000)$/)&&c.origin,{"Access-Control-Allow-Origin":o,"Access-Control-Allow-Methods":r,"Access-Control-Allow-Headers":t});return allowCredentials&&(i["Access-Control-Allow-Credentials"]="true"),null!==s.headers.get("Origin")&&null!==s.headers.get("Access-Control-Request-Method")?new Response(null,{status:204,headers:i}):new Response(null,{headers:{Allow:`${r} , HEAD, OPTIONS`}})},addCorsHeaders=e=>s=>{let o="https://slick.af";const r=e.headers.get("Referer");if(r){const e=new URL(r);o=e.origin.match(/[^\w](slick\.af)|(localhost:3000)$/)?e.origin:o}try{s.headers.set("Access-Control-Allow-Origin",o),s.headers.set("Access-Control-Allow-Methods","GET, HEAD, POST, PATCH, DELETE, OPTIONS"),s.headers.set("Access-Control-Allow-Credentials","true")}catch(e){}return s};module.exports={withCors:withCors};