serverless-cors-plugin
v0.4.2
Published
Serverless CORS Plugin - Managing Cross-origin resource sharing (CORS) policies
Downloads
999
Readme
Serverless CORS Plugin
A Serverless Plugin for the Serverless Framework which adds support for CORS (Cross-origin resource sharing).
THIS PLUGIN REQUIRES SERVERLESS V0.5 OR HIGHER!
Introduction
This plugins does the following:
It will add CORS response headers to all resource methods with a CORS-policy configured.
It will add an
OPTIONS
preflight endpoint with the proper headers for all resources with a CORS-policy configured.
Installation
In your project root, run:
npm install --save serverless-cors-plugin
Add the plugin to s-project.json
:
"plugins": [
"serverless-cors-plugin"
]
To find the best compatible (major) version, use the table below:
Serverless version | Plugin version ---|:--- v0.1 | v0.1 v0.2-v0.3 | v0.2 v0.4 | v0.3 v0.5 | v0.4
Usage
Add the following properties to s-function.json
to configure a CORS-policy:
"custom": {
"cors": {
"allowOrigin": "*",
"allowHeaders": ["Content-Type", "X-Amz-Date", "Authorization", "X-Api-Key"]
}
}
The allowOrigin
property is required, the other headers are optional. You can also add this
configuration to s-project.json
instead of s-function.json
to apply the CORS-policy
project-wide.
Run endpoint deploy
and the CORS headers will dynamically be configured and deployed.
Use the -a
/ --all
flag to deploy pre-flight OPTIONS endpoints.
Caution: you will probably notice some warnings on missing stage
and region
template variables. These can be ignored until the issue is fixed.
Options
These are all options you can use:
Option | Type | Example
---|:---|:---
allowOrigin
| String | "*"
allowHeaders
| Array | ["Content-Type", "X-Api-Key"]
allowCredentials
| Boolean | true
exposeHeaders
| Array | ["Content-Type", "X-Api-Key"]
maxAge
| Number | 3600
For more information, read the CORS documentation.
Roadmap
- Dynamically set origin headers (#2)
- Add more verbose (debugging) output
- Better support for authenticated requests
License
ISC License. See the LICENSE file.