@lytjs/middleware-cors 6.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +129 -0
  2. package/dist/index.cjs +64 -0
  3. package/dist/index.cjs.map +1 -0
  4. package/dist/index.js +61 -0
  5. package/dist/index.js.map +1 -0
  6. package/package.json +65 -0
package/README.md ADDED
@@ -0,0 +1,129 @@
1
+ # @lytjs/middleware-cors
2
+
3
+ > LytJS CORS 中间件。
4
+
5
+ [![npm version](https://img.shields.io/npm/v/@lytjs/middleware-cors.svg)](https://www.npmjs.com/package/@lytjs/middleware-cors)
6
+ [![license](https://img.shields.io/npm/l/@lytjs/middleware-cors.svg)](https://gitee.com/lytjs/lytjs/blob/main/LICENSE)
7
+
8
+ ## 简介
9
+
10
+ `@lytjs/middleware-cors` 是 LytJS 框架的 CORS 中间件,用于处理跨域资源共享。
11
+
12
+ ### 核心特性
13
+
14
+ - **灵活的源配置**:支持字符串、数组、正则表达式
15
+ - **自动预检处理**:自动响应 OPTIONS 预检请求
16
+ - **自定义头部**:可自定义允许和暴露的头部
17
+ - **凭证支持**:支持携带凭证的跨域请求
18
+ - **零依赖**:不引入任何外部依赖
19
+
20
+ ## 安装
21
+
22
+ ```bash
23
+ npm install @lytjs/middleware-cors
24
+ ```
25
+
26
+ 或使用 pnpm:
27
+
28
+ ```bash
29
+ pnpm add @lytjs/middleware-cors
30
+ ```
31
+
32
+ ## 快速开始
33
+
34
+ ### 基本用法
35
+
36
+ ```typescript
37
+ import { createMiddlewareChain } from '@lytjs/middleware';
38
+ import { createCorsMiddleware } from '@lytjs/middleware-cors';
39
+
40
+ const chain = createMiddlewareChain();
41
+
42
+ // 允许所有源
43
+ chain.use(createCorsMiddleware());
44
+
45
+ // 或者只允许特定源
46
+ chain.use(
47
+ createCorsMiddleware({
48
+ origin: 'https://example.com',
49
+ }),
50
+ );
51
+ ```
52
+
53
+ ### 配置 CORS
54
+
55
+ ```typescript
56
+ import { createCorsMiddleware } from '@lytjs/middleware-cors';
57
+
58
+ // 允许多个源
59
+ const cors = createCorsMiddleware({
60
+ origin: ['https://example.com', 'https://app.example.com'],
61
+ methods: ['GET', 'POST', 'PUT', 'DELETE'],
62
+ allowedHeaders: ['Content-Type', 'Authorization'],
63
+ exposedHeaders: ['X-Custom-Header'],
64
+ credentials: true,
65
+ maxAge: 86400, // 24 hours
66
+ });
67
+ ```
68
+
69
+ ### 使用正则表达式
70
+
71
+ ```typescript
72
+ const cors = createCorsMiddleware({
73
+ origin: /\.example\.com$/,
74
+ credentials: true,
75
+ });
76
+ ```
77
+
78
+ ### 使用函数自定义
79
+
80
+ ```typescript
81
+ const cors = createCorsMiddleware({
82
+ origin: (requestOrigin) => {
83
+ const allowedOrigins = ['https://a.com', 'https://b.com'];
84
+ if (requestOrigin && allowedOrigins.includes(requestOrigin)) {
85
+ return requestOrigin;
86
+ }
87
+ return false;
88
+ },
89
+ });
90
+ ```
91
+
92
+ ## 主要 API
93
+
94
+ ### `createCorsMiddleware(options)`
95
+
96
+ 创建 CORS 中间件。
97
+
98
+ ```typescript
99
+ import { createCorsMiddleware } from '@lytjs/middleware-cors';
100
+
101
+ const cors = createCorsMiddleware({
102
+ origin: '*',
103
+ methods: ['GET', 'POST'],
104
+ credentials: false,
105
+ maxAge: 86400,
106
+ });
107
+ ```
108
+
109
+ #### 选项说明
110
+
111
+ | 选项 | 类型 | 默认值 | 说明 |
112
+ | ---------------- | ---------------------------------------------------------------------------------------- | ------------------------------------------------------------------- | ---------------------- |
113
+ | `origin` | string \| string[] \| RegExp \| boolean \| (origin: string \| null) => boolean \| string | `'*'` | 允许的来源 |
114
+ | `methods` | string \| string[] | `['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE']` | 允许的 HTTP 方法 |
115
+ | `allowedHeaders` | string \| string[] | `['Accept', 'Accept-Language', 'Content-Language', 'Content-Type']` | 允许的请求头部 |
116
+ | `exposedHeaders` | string \| string[] | | 暴露的响应头部 |
117
+ | `credentials` | boolean | `false` | 是否允许携带凭证 |
118
+ | `maxAge` | number | | 预检请求缓存时间(秒) |
119
+
120
+ ## 许可证
121
+
122
+ MIT License - [查看许可证](https://gitee.com/lytjs/lytjs/blob/main/LICENSE)
123
+
124
+ ## 贡献指南
125
+
126
+ 欢迎提交 Issue 和 Pull Request!
127
+
128
+ - [Gitee 仓库](https://gitee.com/lytjs/lytjs)
129
+ - [问题反馈](https://gitee.com/lytjs/lytjs/issues)
package/dist/index.cjs ADDED
@@ -0,0 +1,64 @@
1
+ 'use strict';
2
+
3
+ // src/cors.ts
4
+ var DEFAULT_CONFIG = {
5
+ origin: "*",
6
+ methods: ["GET", "HEAD", "PUT", "PATCH", "POST", "DELETE"],
7
+ allowedHeaders: ["Content-Type", "Authorization"],
8
+ exposedHeaders: [],
9
+ credentials: false,
10
+ maxAge: 86400,
11
+ preflightStatus: 204
12
+ };
13
+ function createCorsMiddleware(config = {}) {
14
+ const finalConfig = { ...DEFAULT_CONFIG, ...config };
15
+ return async (request, ctx, next) => {
16
+ const origin = request.headers.get("Origin");
17
+ const isPreflight = request.method === "OPTIONS" && request.headers.has("Access-Control-Request-Method");
18
+ const headers = new Headers();
19
+ let allowOrigin = finalConfig.origin;
20
+ if (allowOrigin === true && origin) {
21
+ allowOrigin = origin;
22
+ } else if (Array.isArray(allowOrigin) && origin) {
23
+ allowOrigin = allowOrigin.includes(origin) ? origin : "";
24
+ }
25
+ if (typeof allowOrigin === "string") {
26
+ headers.set("Access-Control-Allow-Origin", allowOrigin);
27
+ }
28
+ if (finalConfig.methods) {
29
+ headers.set("Access-Control-Allow-Methods", finalConfig.methods.join(","));
30
+ }
31
+ if (finalConfig.allowedHeaders) {
32
+ headers.set("Access-Control-Allow-Headers", finalConfig.allowedHeaders.join(","));
33
+ }
34
+ if (finalConfig.exposedHeaders && finalConfig.exposedHeaders.length > 0) {
35
+ headers.set("Access-Control-Expose-Headers", finalConfig.exposedHeaders.join(","));
36
+ }
37
+ if (finalConfig.credentials) {
38
+ headers.set("Access-Control-Allow-Credentials", "true");
39
+ }
40
+ if (finalConfig.maxAge) {
41
+ headers.set("Access-Control-Max-Age", String(finalConfig.maxAge));
42
+ }
43
+ if (isPreflight) {
44
+ return new Response(null, {
45
+ status: finalConfig.preflightStatus,
46
+ headers
47
+ });
48
+ }
49
+ await next();
50
+ if (ctx.response) {
51
+ const newResponse = new Response(ctx.response.body, ctx.response);
52
+ headers.forEach((value, key) => {
53
+ newResponse.headers.set(key, value);
54
+ });
55
+ return newResponse;
56
+ }
57
+ };
58
+ }
59
+ var corsMiddleware = createCorsMiddleware();
60
+
61
+ exports.corsMiddleware = corsMiddleware;
62
+ exports.createCorsMiddleware = createCorsMiddleware;
63
+ //# sourceMappingURL=index.cjs.map
64
+ //# sourceMappingURL=index.cjs.map
package/dist/index.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/cors.ts"],"names":[],"mappings":";;;AAOA,IAAM,cAAA,GAA6B;AAAA,EACjC,MAAA,EAAQ,GAAA;AAAA,EACR,SAAS,CAAC,KAAA,EAAO,QAAQ,KAAA,EAAO,OAAA,EAAS,QAAQ,QAAQ,CAAA;AAAA,EACzD,cAAA,EAAgB,CAAC,cAAA,EAAgB,eAAe,CAAA;AAAA,EAChD,gBAAgB,EAAC;AAAA,EACjB,WAAA,EAAa,KAAA;AAAA,EACb,MAAA,EAAQ,KAAA;AAAA,EACR,eAAA,EAAiB;AACnB,CAAA;AAKO,SAAS,oBAAA,CAAqB,MAAA,GAAqB,EAAC,EAAe;AACxE,EAAA,MAAM,WAAA,GAAc,EAAE,GAAG,cAAA,EAAgB,GAAG,MAAA,EAAO;AAEnD,EAAA,OAAO,OACL,OAAA,EACA,GAAA,EACA,IAAA,KACyC;AACzC,IAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AAC3C,IAAA,MAAM,cACJ,OAAA,CAAQ,MAAA,KAAW,aAAa,OAAA,CAAQ,OAAA,CAAQ,IAAI,+BAA+B,CAAA;AAGrF,IAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAG5B,IAAA,IAAI,cAAc,WAAA,CAAY,MAAA;AAC9B,IAAA,IAAI,WAAA,KAAgB,QAAQ,MAAA,EAAQ;AAClC,MAAA,WAAA,GAAc,MAAA;AAAA,IAChB,CAAA,MAAA,IAAW,KAAA,CAAM,OAAA,CAAQ,WAAW,KAAK,MAAA,EAAQ;AAC/C,MAAA,WAAA,GAAc,WAAA,CAAY,QAAA,CAAS,MAAM,CAAA,GAAI,MAAA,GAAS,EAAA;AAAA,IACxD;AACA,IAAA,IAAI,OAAO,gBAAgB,QAAA,EAAU;AACnC,MAAA,OAAA,CAAQ,GAAA,CAAI,+BAA+B,WAAW,CAAA;AAAA,IACxD;AAGA,IAAA,IAAI,YAAY,OAAA,EAAS;AACvB,MAAA,OAAA,CAAQ,IAAI,8BAAA,EAAgC,WAAA,CAAY,OAAA,CAAQ,IAAA,CAAK,GAAG,CAAC,CAAA;AAAA,IAC3E;AAGA,IAAA,IAAI,YAAY,cAAA,EAAgB;AAC9B,MAAA,OAAA,CAAQ,IAAI,8BAAA,EAAgC,WAAA,CAAY,cAAA,CAAe,IAAA,CAAK,GAAG,CAAC,CAAA;AAAA,IAClF;AAGA,IAAA,IAAI,WAAA,CAAY,cAAA,IAAkB,WAAA,CAAY,cAAA,CAAe,SAAS,CAAA,EAAG;AACvE,MAAA,OAAA,CAAQ,IAAI,+BAAA,EAAiC,WAAA,CAAY,cAAA,CAAe,IAAA,CAAK,GAAG,CAAC,CAAA;AAAA,IACnF;AAGA,IAAA,IAAI,YAAY,WAAA,EAAa;AAC3B,MAAA,OAAA,CAAQ,GAAA,CAAI,oCAAoC,MAAM,CAAA;AAAA,IACxD;AAGA,IAAA,IAAI,YAAY,MAAA,EAAQ;AACtB,MAAA,OAAA,CAAQ,GAAA,CAAI,wBAAA,EAA0B,MAAA,CAAO,WAAA,CAAY,MAAM,CAAC,CAAA;AAAA,IAClE;AAGA,IAAA,IAAI,WAAA,EAAa;AACf,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,QAAQ,WAAA,CAAY,eAAA;AAAA,QACpB;AAAA,OACD,CAAA;AAAA,IACH;AAGA,IAAA,MAAM,IAAA,EAAK;AACX,IAAA,IAAI,IAAI,QAAA,EAAU;AAChB,MAAA,MAAM,cAAc,IAAI,QAAA,CAAS,IAAI,QAAA,CAAS,IAAA,EAAM,IAAI,QAAQ,CAAA;AAChE,MAAA,OAAA,CAAQ,OAAA,CAAQ,CAAC,KAAA,EAAO,GAAA,KAAQ;AAC9B,QAAA,WAAA,CAAY,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,MACpC,CAAC,CAAA;AACD,MAAA,OAAO,WAAA;AAAA,IACT;AAAA,EACF,CAAA;AACF;AAKO,IAAM,iBAAiB,oBAAA","file":"index.cjs","sourcesContent":["/**\n * CORS 中间件实现\n */\n\nimport type { Middleware, MiddlewareContext } from '@lytjs/middleware';\nimport { CorsConfig } from './types';\n\nconst DEFAULT_CONFIG: CorsConfig = {\n origin: '*',\n methods: ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE'],\n allowedHeaders: ['Content-Type', 'Authorization'],\n exposedHeaders: [],\n credentials: false,\n maxAge: 86400,\n preflightStatus: 204,\n};\n\n/**\n * 创建 CORS 中间件\n */\nexport function createCorsMiddleware(config: CorsConfig = {}): Middleware {\n const finalConfig = { ...DEFAULT_CONFIG, ...config };\n\n return async (\n request: Request,\n ctx: MiddlewareContext,\n next: () => Promise<void>,\n ): Promise<Response | void | undefined> => {\n const origin = request.headers.get('Origin');\n const isPreflight =\n request.method === 'OPTIONS' && request.headers.has('Access-Control-Request-Method');\n\n // 设置 CORS 响应头\n const headers = new Headers();\n\n // 处理 Origin\n let allowOrigin = finalConfig.origin;\n if (allowOrigin === true && origin) {\n allowOrigin = origin;\n } else if (Array.isArray(allowOrigin) && origin) {\n allowOrigin = allowOrigin.includes(origin) ? origin : '';\n }\n if (typeof allowOrigin === 'string') {\n headers.set('Access-Control-Allow-Origin', allowOrigin);\n }\n\n // 处理 Methods\n if (finalConfig.methods) {\n headers.set('Access-Control-Allow-Methods', finalConfig.methods.join(','));\n }\n\n // 处理 Allowed Headers\n if (finalConfig.allowedHeaders) {\n headers.set('Access-Control-Allow-Headers', finalConfig.allowedHeaders.join(','));\n }\n\n // 处理 Exposed Headers\n if (finalConfig.exposedHeaders && finalConfig.exposedHeaders.length > 0) {\n headers.set('Access-Control-Expose-Headers', finalConfig.exposedHeaders.join(','));\n }\n\n // 处理 Credentials\n if (finalConfig.credentials) {\n headers.set('Access-Control-Allow-Credentials', 'true');\n }\n\n // 处理 Max Age\n if (finalConfig.maxAge) {\n headers.set('Access-Control-Max-Age', String(finalConfig.maxAge));\n }\n\n // 预检请求处理\n if (isPreflight) {\n return new Response(null, {\n status: finalConfig.preflightStatus,\n headers,\n });\n }\n\n // 在响应上设置头部\n await next();\n if (ctx.response) {\n const newResponse = new Response(ctx.response.body, ctx.response);\n headers.forEach((value, key) => {\n newResponse.headers.set(key, value);\n });\n return newResponse;\n }\n };\n}\n\n/**\n * 默认 CORS 中间件\n */\nexport const corsMiddleware = createCorsMiddleware();\n"]}
package/dist/index.js ADDED
@@ -0,0 +1,61 @@
1
+ // src/cors.ts
2
+ var DEFAULT_CONFIG = {
3
+ origin: "*",
4
+ methods: ["GET", "HEAD", "PUT", "PATCH", "POST", "DELETE"],
5
+ allowedHeaders: ["Content-Type", "Authorization"],
6
+ exposedHeaders: [],
7
+ credentials: false,
8
+ maxAge: 86400,
9
+ preflightStatus: 204
10
+ };
11
+ function createCorsMiddleware(config = {}) {
12
+ const finalConfig = { ...DEFAULT_CONFIG, ...config };
13
+ return async (request, ctx, next) => {
14
+ const origin = request.headers.get("Origin");
15
+ const isPreflight = request.method === "OPTIONS" && request.headers.has("Access-Control-Request-Method");
16
+ const headers = new Headers();
17
+ let allowOrigin = finalConfig.origin;
18
+ if (allowOrigin === true && origin) {
19
+ allowOrigin = origin;
20
+ } else if (Array.isArray(allowOrigin) && origin) {
21
+ allowOrigin = allowOrigin.includes(origin) ? origin : "";
22
+ }
23
+ if (typeof allowOrigin === "string") {
24
+ headers.set("Access-Control-Allow-Origin", allowOrigin);
25
+ }
26
+ if (finalConfig.methods) {
27
+ headers.set("Access-Control-Allow-Methods", finalConfig.methods.join(","));
28
+ }
29
+ if (finalConfig.allowedHeaders) {
30
+ headers.set("Access-Control-Allow-Headers", finalConfig.allowedHeaders.join(","));
31
+ }
32
+ if (finalConfig.exposedHeaders && finalConfig.exposedHeaders.length > 0) {
33
+ headers.set("Access-Control-Expose-Headers", finalConfig.exposedHeaders.join(","));
34
+ }
35
+ if (finalConfig.credentials) {
36
+ headers.set("Access-Control-Allow-Credentials", "true");
37
+ }
38
+ if (finalConfig.maxAge) {
39
+ headers.set("Access-Control-Max-Age", String(finalConfig.maxAge));
40
+ }
41
+ if (isPreflight) {
42
+ return new Response(null, {
43
+ status: finalConfig.preflightStatus,
44
+ headers
45
+ });
46
+ }
47
+ await next();
48
+ if (ctx.response) {
49
+ const newResponse = new Response(ctx.response.body, ctx.response);
50
+ headers.forEach((value, key) => {
51
+ newResponse.headers.set(key, value);
52
+ });
53
+ return newResponse;
54
+ }
55
+ };
56
+ }
57
+ var corsMiddleware = createCorsMiddleware();
58
+
59
+ export { corsMiddleware, createCorsMiddleware };
60
+ //# sourceMappingURL=index.js.map
61
+ //# sourceMappingURL=index.js.map
package/dist/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/cors.ts"],"names":[],"mappings":";AAOA,IAAM,cAAA,GAA6B;AAAA,EACjC,MAAA,EAAQ,GAAA;AAAA,EACR,SAAS,CAAC,KAAA,EAAO,QAAQ,KAAA,EAAO,OAAA,EAAS,QAAQ,QAAQ,CAAA;AAAA,EACzD,cAAA,EAAgB,CAAC,cAAA,EAAgB,eAAe,CAAA;AAAA,EAChD,gBAAgB,EAAC;AAAA,EACjB,WAAA,EAAa,KAAA;AAAA,EACb,MAAA,EAAQ,KAAA;AAAA,EACR,eAAA,EAAiB;AACnB,CAAA;AAKO,SAAS,oBAAA,CAAqB,MAAA,GAAqB,EAAC,EAAe;AACxE,EAAA,MAAM,WAAA,GAAc,EAAE,GAAG,cAAA,EAAgB,GAAG,MAAA,EAAO;AAEnD,EAAA,OAAO,OACL,OAAA,EACA,GAAA,EACA,IAAA,KACyC;AACzC,IAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AAC3C,IAAA,MAAM,cACJ,OAAA,CAAQ,MAAA,KAAW,aAAa,OAAA,CAAQ,OAAA,CAAQ,IAAI,+BAA+B,CAAA;AAGrF,IAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAG5B,IAAA,IAAI,cAAc,WAAA,CAAY,MAAA;AAC9B,IAAA,IAAI,WAAA,KAAgB,QAAQ,MAAA,EAAQ;AAClC,MAAA,WAAA,GAAc,MAAA;AAAA,IAChB,CAAA,MAAA,IAAW,KAAA,CAAM,OAAA,CAAQ,WAAW,KAAK,MAAA,EAAQ;AAC/C,MAAA,WAAA,GAAc,WAAA,CAAY,QAAA,CAAS,MAAM,CAAA,GAAI,MAAA,GAAS,EAAA;AAAA,IACxD;AACA,IAAA,IAAI,OAAO,gBAAgB,QAAA,EAAU;AACnC,MAAA,OAAA,CAAQ,GAAA,CAAI,+BAA+B,WAAW,CAAA;AAAA,IACxD;AAGA,IAAA,IAAI,YAAY,OAAA,EAAS;AACvB,MAAA,OAAA,CAAQ,IAAI,8BAAA,EAAgC,WAAA,CAAY,OAAA,CAAQ,IAAA,CAAK,GAAG,CAAC,CAAA;AAAA,IAC3E;AAGA,IAAA,IAAI,YAAY,cAAA,EAAgB;AAC9B,MAAA,OAAA,CAAQ,IAAI,8BAAA,EAAgC,WAAA,CAAY,cAAA,CAAe,IAAA,CAAK,GAAG,CAAC,CAAA;AAAA,IAClF;AAGA,IAAA,IAAI,WAAA,CAAY,cAAA,IAAkB,WAAA,CAAY,cAAA,CAAe,SAAS,CAAA,EAAG;AACvE,MAAA,OAAA,CAAQ,IAAI,+BAAA,EAAiC,WAAA,CAAY,cAAA,CAAe,IAAA,CAAK,GAAG,CAAC,CAAA;AAAA,IACnF;AAGA,IAAA,IAAI,YAAY,WAAA,EAAa;AAC3B,MAAA,OAAA,CAAQ,GAAA,CAAI,oCAAoC,MAAM,CAAA;AAAA,IACxD;AAGA,IAAA,IAAI,YAAY,MAAA,EAAQ;AACtB,MAAA,OAAA,CAAQ,GAAA,CAAI,wBAAA,EAA0B,MAAA,CAAO,WAAA,CAAY,MAAM,CAAC,CAAA;AAAA,IAClE;AAGA,IAAA,IAAI,WAAA,EAAa;AACf,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,QAAQ,WAAA,CAAY,eAAA;AAAA,QACpB;AAAA,OACD,CAAA;AAAA,IACH;AAGA,IAAA,MAAM,IAAA,EAAK;AACX,IAAA,IAAI,IAAI,QAAA,EAAU;AAChB,MAAA,MAAM,cAAc,IAAI,QAAA,CAAS,IAAI,QAAA,CAAS,IAAA,EAAM,IAAI,QAAQ,CAAA;AAChE,MAAA,OAAA,CAAQ,OAAA,CAAQ,CAAC,KAAA,EAAO,GAAA,KAAQ;AAC9B,QAAA,WAAA,CAAY,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,MACpC,CAAC,CAAA;AACD,MAAA,OAAO,WAAA;AAAA,IACT;AAAA,EACF,CAAA;AACF;AAKO,IAAM,iBAAiB,oBAAA","file":"index.js","sourcesContent":["/**\n * CORS 中间件实现\n */\n\nimport type { Middleware, MiddlewareContext } from '@lytjs/middleware';\nimport { CorsConfig } from './types';\n\nconst DEFAULT_CONFIG: CorsConfig = {\n origin: '*',\n methods: ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE'],\n allowedHeaders: ['Content-Type', 'Authorization'],\n exposedHeaders: [],\n credentials: false,\n maxAge: 86400,\n preflightStatus: 204,\n};\n\n/**\n * 创建 CORS 中间件\n */\nexport function createCorsMiddleware(config: CorsConfig = {}): Middleware {\n const finalConfig = { ...DEFAULT_CONFIG, ...config };\n\n return async (\n request: Request,\n ctx: MiddlewareContext,\n next: () => Promise<void>,\n ): Promise<Response | void | undefined> => {\n const origin = request.headers.get('Origin');\n const isPreflight =\n request.method === 'OPTIONS' && request.headers.has('Access-Control-Request-Method');\n\n // 设置 CORS 响应头\n const headers = new Headers();\n\n // 处理 Origin\n let allowOrigin = finalConfig.origin;\n if (allowOrigin === true && origin) {\n allowOrigin = origin;\n } else if (Array.isArray(allowOrigin) && origin) {\n allowOrigin = allowOrigin.includes(origin) ? origin : '';\n }\n if (typeof allowOrigin === 'string') {\n headers.set('Access-Control-Allow-Origin', allowOrigin);\n }\n\n // 处理 Methods\n if (finalConfig.methods) {\n headers.set('Access-Control-Allow-Methods', finalConfig.methods.join(','));\n }\n\n // 处理 Allowed Headers\n if (finalConfig.allowedHeaders) {\n headers.set('Access-Control-Allow-Headers', finalConfig.allowedHeaders.join(','));\n }\n\n // 处理 Exposed Headers\n if (finalConfig.exposedHeaders && finalConfig.exposedHeaders.length > 0) {\n headers.set('Access-Control-Expose-Headers', finalConfig.exposedHeaders.join(','));\n }\n\n // 处理 Credentials\n if (finalConfig.credentials) {\n headers.set('Access-Control-Allow-Credentials', 'true');\n }\n\n // 处理 Max Age\n if (finalConfig.maxAge) {\n headers.set('Access-Control-Max-Age', String(finalConfig.maxAge));\n }\n\n // 预检请求处理\n if (isPreflight) {\n return new Response(null, {\n status: finalConfig.preflightStatus,\n headers,\n });\n }\n\n // 在响应上设置头部\n await next();\n if (ctx.response) {\n const newResponse = new Response(ctx.response.body, ctx.response);\n headers.forEach((value, key) => {\n newResponse.headers.set(key, value);\n });\n return newResponse;\n }\n };\n}\n\n/**\n * 默认 CORS 中间件\n */\nexport const corsMiddleware = createCorsMiddleware();\n"]}
package/package.json ADDED
@@ -0,0 +1,65 @@
1
+ {
2
+ "name": "@lytjs/middleware-cors",
3
+ "version": "6.6.0",
4
+ "description": "LytJS CORS Middleware - Cross-Origin Resource Sharing middleware",
5
+ "author": "lytjs",
6
+ "license": "MIT",
7
+ "type": "module",
8
+ "main": "./dist/index.cjs",
9
+ "module": "./dist/index.mjs",
10
+ "types": "./dist/index.d.ts",
11
+ "exports": {
12
+ ".": {
13
+ "types": "./dist/index.d.ts",
14
+ "import": "./dist/index.mjs",
15
+ "require": "./dist/index.cjs"
16
+ },
17
+ "./package.json": "./package.json"
18
+ },
19
+ "files": [
20
+ "dist",
21
+ "README.md",
22
+ "LICENSE"
23
+ ],
24
+ "sideEffects": false,
25
+ "scripts": {
26
+ "dev": "tsup --watch",
27
+ "build": "tsup",
28
+ "test": "vitest run",
29
+ "test:watch": "vitest",
30
+ "test:coverage": "vitest run --coverage",
31
+ "type-check": "tsc --noEmit",
32
+ "clean": "rm -rf dist node_modules .turbo"
33
+ },
34
+ "dependencies": {
35
+ "@lytjs/middleware": "workspace:*",
36
+ "@lytjs/common-constants": "workspace:*"
37
+ },
38
+ "devDependencies": {
39
+ "@types/node": "^22.13.10",
40
+ "@vitest/coverage-v8": "^3.0.7",
41
+ "tsup": "^8.4.0",
42
+ "typescript": "^5.8.2",
43
+ "vitest": "^3.0.7"
44
+ },
45
+ "peerDependencies": {},
46
+ "publishConfig": {
47
+ "access": "public",
48
+ "registry": "https://registry.npmjs.org/"
49
+ },
50
+ "repository": {
51
+ "type": "git",
52
+ "url": "https://gitee.com/lytjs/lytjs.git",
53
+ "directory": "packages/ecosystem/packages/web-framework/packages/middleware-cors"
54
+ },
55
+ "keywords": [
56
+ "lytjs",
57
+ "middleware",
58
+ "cors",
59
+ "cross-origin"
60
+ ],
61
+ "homepage": "https://gitee.com/lytjs/lytjs/tree/develop/packages/ecosystem/packages/web-framework/packages/middleware-cors#readme",
62
+ "bugs": {
63
+ "url": "https://gitee.com/lytjs/lytjs/issues"
64
+ }
65
+ }