@adaptivestone/framework 4.11.1 → 4.11.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/package.json +1 -1
  3. package/services/http/middleware/Cors.js +15 -14
  4. package/services/http/middleware/Cors.test.js +16 -4
package/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ### 4.11.2
2
+
3
+ [FIX] Cors middleware return proper headers on multidomains
4
+
1
5
  ### 4.11.1
2
6
 
3
7
  [FIX] Cors middleware return proper status
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@adaptivestone/framework",
3
- "version": "4.11.1",
3
+ "version": "4.11.2",
4
4
  "description": "Adaptive stone node js framework",
5
5
  "main": "index.js",
6
6
  "engines": {
package/services/http/middleware/Cors.js CHANGED
@@ -14,28 +14,29 @@ class Cors extends AbstractMiddleware {
14
14
  }
15
15
 
16
16
  async middleware(req, res, next) {
17
- if (req.method !== 'OPTIONS') {
18
- // only get supported
19
- return next();
20
- }
21
17
  for (const host of this.params.origins) {
22
18
  if (
23
19
  (typeof host === 'string' && req.headers.origin === host) ||
24
20
  (host instanceof RegExp && host.test(req.headers.origin))
25
21
  ) {
26
22
  res.set('Access-Control-Allow-Origin', req.headers.origin);
27
- res.set(
28
- 'Access-Control-Allow-Methods',
29
- 'GET,HEAD,PUT,PATCH,POST,DELETE',
30
- );
31
- res.set('Vary', 'Origin, Access-Control-Request-Headers');
23
+ res.set('Vary', 'Origin');
24
+
25
+ if (req.method === 'OPTIONS') {
26
+ res.set(
27
+ 'Access-Control-Allow-Methods',
28
+ 'GET,HEAD,PUT,PATCH,POST,DELETE',
29
+ );
30
+ res.set('Vary', 'Origin, Access-Control-Request-Headers');
32
31
 
33
- const allowedHeaders = req.headers['access-control-request-headers'];
34
- if (allowedHeaders) {
35
- res.set('Access-Control-Allow-Headers', allowedHeaders);
32
+ const allowedHeaders = req.headers['access-control-request-headers'];
33
+ if (allowedHeaders) {
34
+ res.set('Access-Control-Allow-Headers', allowedHeaders);
35
+ }
36
+ res.set('Content-Length', '0');
37
+ res.status(204);
38
+ return res.end();
36
39
  }
37
- res.status(204);
38
- return res.end();
39
40
  }
40
41
  }
41
42
  return next();
package/services/http/middleware/Cors.test.js CHANGED
@@ -28,21 +28,30 @@ describe('cors middleware methods', () => {
28
28
  expect(() => new Cors(global.server.app, { origins: 'origins' })).toThrow();
29
29
  });
30
30
 
31
- it('non options should be ignored', async () => {
32
- expect.assertions(1);
31
+ it('non options should be different', async () => {
32
+ expect.assertions(2);
33
33
  let isCalled = false;
34
34
  const nextFunction = () => {
35
35
  isCalled = true;
36
36
  };
37
+ const map = new Map();
37
38
  const req = {
38
39
  method: 'GET',
40
+
41
+ headers: { origin: 'https://localhost' },
42
+ };
43
+ const res = {
44
+ set: (key, val) => {
45
+ map.set(key, val);
46
+ },
39
47
  };
40
48
  const middleware = new Cors(global.server.app, {
41
- origins: ['something'],
49
+ origins: ['https://localhost'],
42
50
  });
43
51
 
44
- await middleware.middleware(req, {}, nextFunction);
52
+ await middleware.middleware(req, res, nextFunction);
45
53
  expect(isCalled).toBeTruthy();
54
+ expect(map.get('Vary')).toBe('Origin');
46
55
  });
47
56
 
48
57
  it('host the not match origin', async () => {
@@ -78,6 +87,7 @@ describe('cors middleware methods', () => {
78
87
  set: (key, val) => {
79
88
  map.set(key, val);
80
89
  },
90
+ status: () => {},
81
91
  end: () => {
82
92
  isEndCalled = true;
83
93
  },
@@ -113,6 +123,8 @@ describe('cors middleware methods', () => {
113
123
  set: (key, val) => {
114
124
  map.set(key, val);
115
125
  },
126
+ status: () => {},
127
+
116
128
  end: () => {
117
129
  isEndCalled = true;
118
130
  },