npm - @jaypie/express - Versions diffs - 1.1.7 → 1.1.9 - Mend

@jaypie/express 1.1.7 → 1.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/module.cjs CHANGED Viewed

@@ -23,8 +23,6 @@ const EXPRESS = {
 // Constants
 //
-const DEFAULT_HEADERS = ["Authorization", "X-Session-Id"];
-const DEFAULT_METHODS = ["DELETE", "HEAD", "GET", "POST", "PUT"];
 const HTTP_PROTOCOL = "http://";
 const HTTPS_PROTOCOL = "https://";
 const SANDBOX_ENV = "sandbox";
@@ -41,57 +39,67 @@ const ensureProtocol = (url) => {
   return HTTPS_PROTOCOL + url;
 };
+const dynamicOriginCallbackHandler = (origin) => {
+  return (requestOrigin, callback) => {
+    // Handle wildcard origin
+    if (origin === "*") {
+      callback(null, true);
+      return;
+    }
+    // Allow requests with no origin (like mobile apps, curl, etc)
+    if (!requestOrigin) {
+      callback(null, true);
+      return;
+    }
+    const allowedOrigins = [];
+    if (process.env.BASE_URL) {
+      allowedOrigins.push(ensureProtocol(process.env.BASE_URL));
+    }
+    if (process.env.PROJECT_BASE_URL) {
+      allowedOrigins.push(ensureProtocol(process.env.PROJECT_BASE_URL));
+    }
+    if (origin) {
+      const additionalOrigins = core.force.array(origin);
+      allowedOrigins.push(...additionalOrigins);
+    }
+    // Add localhost origins in sandbox
+    if (
+      process.env.PROJECT_ENV === SANDBOX_ENV ||
+      core.envBoolean("PROJECT_SANDBOX_MODE")
+    ) {
+      allowedOrigins.push("http://localhost");
+      allowedOrigins.push(/^http:\/\/localhost:\d+$/);
+    }
+    const isAllowed = allowedOrigins.some((allowed) => {
+      if (allowed instanceof RegExp) {
+        return allowed.test(requestOrigin);
+      }
+      return requestOrigin.includes(allowed);
+    });
+    if (isAllowed) {
+      callback(null, true);
+    } else {
+      callback(new errors.CorsError());
+    }
+  };
+};
 //
 //
 // Main
 //
 const corsHelper = (config = {}) => {
-  const { origins, methods, headers, overrides = {} } = config;
+  const { origin, overrides = {} } = config;
   const options = {
-    origin(origin, callback) {
-      // Handle wildcard origin
-      if (origins === "*") {
-        callback(null, true);
-        return;
-      }
-      // Allow requests with no origin (like mobile apps, curl, etc)
-      if (!origin) {
-        callback(null, true);
-        return;
-      }
-      const allowedOrigins = origins || [
-        ensureProtocol(process.env.BASE_URL),
-        ensureProtocol(process.env.PROJECT_BASE_URL),
-      ];
-      // Add localhost origins in sandbox
-      if (
-        process.env.PROJECT_ENV === SANDBOX_ENV ||
-        core.envBoolean("PROJECT_DEV")
-      ) {
-        allowedOrigins.push("http://localhost");
-        allowedOrigins.push(/^http:\/\/localhost:\d+$/);
-      }
-      const isAllowed = allowedOrigins.some((allowed) => {
-        if (allowed instanceof RegExp) {
-          return allowed.test(origin);
-        }
-        return origin.includes(allowed);
-      });
-      if (isAllowed) {
-        callback(null, true);
-      } else {
-        callback(new errors.CorsError());
-      }
-    },
-    methods: [...DEFAULT_METHODS, ...(methods || [])],
-    allowedHeaders: [...DEFAULT_HEADERS, ...(headers || [])],
+    origin: dynamicOriginCallbackHandler(origin),
+    // * The default behavior is to allow any headers and methods so they are not included here
     ...overrides,
   };

package/dist/module.esm.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { CorsError } from '@jaypie/errors';
-import { envBoolean, log, JAYPIE, HTTP, validate, force, jaypieHandler, UnhandledError, BadRequestError, UnauthorizedError, ForbiddenError, NotFoundError, MethodNotAllowedError, GoneError, TeapotError, InternalError, BadGatewayError, UnavailableError, GatewayTimeoutError, NotImplementedError } from '@jaypie/core';
+import { force, envBoolean, log, JAYPIE, HTTP, validate, jaypieHandler, UnhandledError, BadRequestError, UnauthorizedError, ForbiddenError, NotFoundError, MethodNotAllowedError, GoneError, TeapotError, InternalError, BadGatewayError, UnavailableError, GatewayTimeoutError, NotImplementedError } from '@jaypie/core';
 import expressCors from 'cors';
 import { getCurrentInvoke } from '@codegenie/serverless-express';
@@ -21,8 +21,6 @@ const EXPRESS = {
 // Constants
 //
-const DEFAULT_HEADERS = ["Authorization", "X-Session-Id"];
-const DEFAULT_METHODS = ["DELETE", "HEAD", "GET", "POST", "PUT"];
 const HTTP_PROTOCOL = "http://";
 const HTTPS_PROTOCOL = "https://";
 const SANDBOX_ENV = "sandbox";
@@ -39,57 +37,67 @@ const ensureProtocol = (url) => {
   return HTTPS_PROTOCOL + url;
 };
+const dynamicOriginCallbackHandler = (origin) => {
+  return (requestOrigin, callback) => {
+    // Handle wildcard origin
+    if (origin === "*") {
+      callback(null, true);
+      return;
+    }
+    // Allow requests with no origin (like mobile apps, curl, etc)
+    if (!requestOrigin) {
+      callback(null, true);
+      return;
+    }
+    const allowedOrigins = [];
+    if (process.env.BASE_URL) {
+      allowedOrigins.push(ensureProtocol(process.env.BASE_URL));
+    }
+    if (process.env.PROJECT_BASE_URL) {
+      allowedOrigins.push(ensureProtocol(process.env.PROJECT_BASE_URL));
+    }
+    if (origin) {
+      const additionalOrigins = force.array(origin);
+      allowedOrigins.push(...additionalOrigins);
+    }
+    // Add localhost origins in sandbox
+    if (
+      process.env.PROJECT_ENV === SANDBOX_ENV ||
+      envBoolean("PROJECT_SANDBOX_MODE")
+    ) {
+      allowedOrigins.push("http://localhost");
+      allowedOrigins.push(/^http:\/\/localhost:\d+$/);
+    }
+    const isAllowed = allowedOrigins.some((allowed) => {
+      if (allowed instanceof RegExp) {
+        return allowed.test(requestOrigin);
+      }
+      return requestOrigin.includes(allowed);
+    });
+    if (isAllowed) {
+      callback(null, true);
+    } else {
+      callback(new CorsError());
+    }
+  };
+};
 //
 //
 // Main
 //
 const corsHelper = (config = {}) => {
-  const { origins, methods, headers, overrides = {} } = config;
+  const { origin, overrides = {} } = config;
   const options = {
-    origin(origin, callback) {
-      // Handle wildcard origin
-      if (origins === "*") {
-        callback(null, true);
-        return;
-      }
-      // Allow requests with no origin (like mobile apps, curl, etc)
-      if (!origin) {
-        callback(null, true);
-        return;
-      }
-      const allowedOrigins = origins || [
-        ensureProtocol(process.env.BASE_URL),
-        ensureProtocol(process.env.PROJECT_BASE_URL),
-      ];
-      // Add localhost origins in sandbox
-      if (
-        process.env.PROJECT_ENV === SANDBOX_ENV ||
-        envBoolean("PROJECT_DEV")
-      ) {
-        allowedOrigins.push("http://localhost");
-        allowedOrigins.push(/^http:\/\/localhost:\d+$/);
-      }
-      const isAllowed = allowedOrigins.some((allowed) => {
-        if (allowed instanceof RegExp) {
-          return allowed.test(origin);
-        }
-        return origin.includes(allowed);
-      });
-      if (isAllowed) {
-        callback(null, true);
-      } else {
-        callback(new CorsError());
-      }
-    },
-    methods: [...DEFAULT_METHODS, ...(methods || [])],
-    allowedHeaders: [...DEFAULT_HEADERS, ...(headers || [])],
+    origin: dynamicOriginCallbackHandler(origin),
+    // * The default behavior is to allow any headers and methods so they are not included here
     ...overrides,
   };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@jaypie/express",
-  "version": "1.1.7",
+  "version": "1.1.9",
   "license": "MIT",
   "author": "Finlayson Studio",
   "type": "module",
@@ -43,5 +43,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "b6172271a5bfdc96126fe3eded3e17e382c4409b"
+  "gitHead": "4838a796c61186888f143d6a86adf6b89a02dd5c"
 }

package/src/cors.helper.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { CorsError } from "@jaypie/errors";
-import { envBoolean } from "@jaypie/core";
+import { envBoolean, force } from "@jaypie/core";
 import expressCors from "cors";
 //
@@ -7,8 +7,6 @@ import expressCors from "cors";
 // Constants
 //
-const DEFAULT_HEADERS = ["Authorization", "X-Session-Id"];
-const DEFAULT_METHODS = ["DELETE", "HEAD", "GET", "POST", "PUT"];
 const HTTP_PROTOCOL = "http://";
 const HTTPS_PROTOCOL = "https://";
 const SANDBOX_ENV = "sandbox";
@@ -25,57 +23,67 @@ const ensureProtocol = (url) => {
   return HTTPS_PROTOCOL + url;
 };
+export const dynamicOriginCallbackHandler = (origin) => {
+  return (requestOrigin, callback) => {
+    // Handle wildcard origin
+    if (origin === "*") {
+      callback(null, true);
+      return;
+    }
+    // Allow requests with no origin (like mobile apps, curl, etc)
+    if (!requestOrigin) {
+      callback(null, true);
+      return;
+    }
+    const allowedOrigins = [];
+    if (process.env.BASE_URL) {
+      allowedOrigins.push(ensureProtocol(process.env.BASE_URL));
+    }
+    if (process.env.PROJECT_BASE_URL) {
+      allowedOrigins.push(ensureProtocol(process.env.PROJECT_BASE_URL));
+    }
+    if (origin) {
+      const additionalOrigins = force.array(origin);
+      allowedOrigins.push(...additionalOrigins);
+    }
+    // Add localhost origins in sandbox
+    if (
+      process.env.PROJECT_ENV === SANDBOX_ENV ||
+      envBoolean("PROJECT_SANDBOX_MODE")
+    ) {
+      allowedOrigins.push("http://localhost");
+      allowedOrigins.push(/^http:\/\/localhost:\d+$/);
+    }
+    const isAllowed = allowedOrigins.some((allowed) => {
+      if (allowed instanceof RegExp) {
+        return allowed.test(requestOrigin);
+      }
+      return requestOrigin.includes(allowed);
+    });
+    if (isAllowed) {
+      callback(null, true);
+    } else {
+      callback(new CorsError());
+    }
+  };
+};
 //
 //
 // Main
 //
 const corsHelper = (config = {}) => {
-  const { origins, methods, headers, overrides = {} } = config;
+  const { origin, overrides = {} } = config;
   const options = {
-    origin(origin, callback) {
-      // Handle wildcard origin
-      if (origins === "*") {
-        callback(null, true);
-        return;
-      }
-      // Allow requests with no origin (like mobile apps, curl, etc)
-      if (!origin) {
-        callback(null, true);
-        return;
-      }
-      const allowedOrigins = origins || [
-        ensureProtocol(process.env.BASE_URL),
-        ensureProtocol(process.env.PROJECT_BASE_URL),
-      ];
-      // Add localhost origins in sandbox
-      if (
-        process.env.PROJECT_ENV === SANDBOX_ENV ||
-        envBoolean("PROJECT_DEV")
-      ) {
-        allowedOrigins.push("http://localhost");
-        allowedOrigins.push(/^http:\/\/localhost:\d+$/);
-      }
-      const isAllowed = allowedOrigins.some((allowed) => {
-        if (allowed instanceof RegExp) {
-          return allowed.test(origin);
-        }
-        return origin.includes(allowed);
-      });
-      if (isAllowed) {
-        callback(null, true);
-      } else {
-        callback(new CorsError());
-      }
-    },
-    methods: [...DEFAULT_METHODS, ...(methods || [])],
-    allowedHeaders: [...DEFAULT_HEADERS, ...(headers || [])],
+    origin: dynamicOriginCallbackHandler(origin),
+    // * The default behavior is to allow any headers and methods so they are not included here
     ...overrides,
   };