@a-2-c-2-anpm/at-assumenda-sit
v1.0.0
Published
[![NPM version][npm-image]][npm-url] [![Node.js CI](https://github.com/a-2-c-2-anpm/at-assumenda-sit/actions/workflows/nodejs.yml/badge.svg)](https://github.com/a-2-c-2-anpm/at-assumenda-sit/actions/workflows/nodejs.yml) [![Test coverage][codecov-image]][
Downloads
5
Maintainers
Keywords
Readme
@a-2-c-2-anpm/at-assumenda-sit
Cross-Origin Resource Sharing(CORS) for koa
Installation
$ npm install @a-2-c-2-anpm/at-assumenda-sit --save
Quick start
Enable cors with default options:
- origin:
*
(v4 and before: the request's Origin header). This means that by default the requests from all origin webpages will be allowed. If you're running a generic API server, this is what you want, but otherwise you should look into changing the default to something more suitable to your application. - allowMethods: GET,HEAD,PUT,POST,DELETE,PATCH
const Koa = require('koa');
const cors = require('@a-2-c-2-anpm/at-assumenda-sit');
const app = new Koa();
app.use(cors());
cors(options)
/**
* CORS middleware
*
* @param {Object} [options]
* - {String|Function(ctx)} origin `Access-Control-Allow-Origin`, default is '*'
* If `credentials` set and return `true, the `origin` default value will set to the request `Origin` header
* - {String|Array} allowMethods `Access-Control-Allow-Methods`, default is 'GET,HEAD,PUT,POST,DELETE,PATCH'
* - {String|Array} exposeHeaders `Access-Control-Expose-Headers`
* - {String|Array} allowHeaders `Access-Control-Allow-Headers`
* - {String|Number} maxAge `Access-Control-Max-Age` in seconds
* - {Boolean|Function(ctx)} credentials `Access-Control-Allow-Credentials`, default is false.
* - {Boolean} keepHeadersOnError Add set headers to `err.header` if an error is thrown
* - {Boolean} secureContext `Cross-Origin-Opener-Policy` & `Cross-Origin-Embedder-Policy` headers.', default is false
* - {Boolean} privateNetworkAccess handle `Access-Control-Request-Private-Network` request by return `Access-Control-Allow-Private-Network`, default to false
* @return {Function} cors middleware
* @api public
*/
Breaking change between 4.0 and 5.0
The default origin
is set to *
, if you want to keep the 4.0 behavior, you can set the origin
handler like this:
app.use(cors({
origin(ctx) {
return ctx.get('Origin') || '*';
},
}));
License
Contributors
|fengmk2|dead-horse|omsmith|jonathanong|AlphaWong|cma-skedulo| | :---: | :---: | :---: | :---: | :---: | :---: | |CleberRossi|erikfried|j-waaang|ltomes|lfreneda|matthewmueller| PlasmaPower|swain|TyrealHu|xg-wang|lishengzxc|mcohen75
This project follows the git-contributor spec, auto updated at Sat Oct 08 2022 21:35:10 GMT+0800
.