@middy/http-cors 2.5.1 → 3.0.0-alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +1 -1
- package/README.md +3 -3
- package/index.d.ts +2 -1
- package/package.json +7 -7
- package/index.js +0 -109
package/LICENSE
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
MIT License
|
|
2
2
|
|
|
3
|
-
Copyright (c) 2017-
|
|
3
|
+
Copyright (c) 2017-2022 Luciano Mammino, will Farrell and the [Middy team](https://github.com/middyjs/middy/graphs/contributors)
|
|
4
4
|
|
|
5
5
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
6
|
of this software and associated documentation files (the "Software"), to deal
|
package/README.md
CHANGED
|
@@ -43,14 +43,14 @@ npm install --save @middy/http-cors
|
|
|
43
43
|
|
|
44
44
|
- `credentials` (bool) (optional): if true, sets `Access-Control-Allow-Credentials` (default `false`)
|
|
45
45
|
- `headers` (string) (optional): value to put in `Access-Control-Allow-Headers` (default: `false`)
|
|
46
|
-
- `methods` (string) (optional): value to put in `Access-Control-Allow-
|
|
46
|
+
- `methods` (string) (optional): value to put in `Access-Control-Allow-Methods` (default: `false`)
|
|
47
47
|
- `getOrigin` (function(incomingOrigin:string, options)) (optional): take full control of the generating the returned origin. Defaults to using the origin or origins option.
|
|
48
48
|
- `origin` (string) (optional): origin to put in the header (default: "`*`")
|
|
49
49
|
- `origins` (array) (optional): An array of allowed origins. The incoming origin is matched against the list and is returned if present.
|
|
50
50
|
- `exposeHeaders` (string) (optional): value to put in `Access-Control-Expose-Headers` (default: `false`)
|
|
51
51
|
- `maxAge` (string) (optional): value to put in Access-Control-Max-Age header (default: `null`)
|
|
52
52
|
- `requestHeaders` (string) (optional): value to put in `Access-Control-Request-Headers` (default: `false`)
|
|
53
|
-
- `requestMethods` (string) (optional): value to put in `Access-Control-Request-
|
|
53
|
+
- `requestMethods` (string) (optional): value to put in `Access-Control-Request-Methods` (default: `false`)
|
|
54
54
|
- `cacheControl` (string) (optional): value to put in Cache-Control header on pre-flight (OPTIONS) requests (default: `null`)
|
|
55
55
|
|
|
56
56
|
```javascript
|
|
@@ -105,7 +105,7 @@ Everyone is very welcome to contribute to this repository. Feel free to [raise i
|
|
|
105
105
|
|
|
106
106
|
## License
|
|
107
107
|
|
|
108
|
-
Licensed under [MIT License](LICENSE). Copyright (c) 2017-
|
|
108
|
+
Licensed under [MIT License](LICENSE). Copyright (c) 2017-2022 Luciano Mammino, will Farrell, and the [Middy team](https://github.com/middyjs/middy/graphs/contributors).
|
|
109
109
|
|
|
110
110
|
<a href="https://app.fossa.io/projects/git%2Bgithub.com%2Fmiddyjs%2Fmiddy?ref=badge_large">
|
|
111
111
|
<img src="https://app.fossa.io/api/projects/git%2Bgithub.com%2Fmiddyjs%2Fmiddy.svg?type=large" alt="FOSSA Status" style="max-width:100%;">
|
package/index.d.ts
CHANGED
package/package.json
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@middy/http-cors",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "3.0.0-alpha.0",
|
|
4
4
|
"description": "CORS (Cross-Origin Resource Sharing) middleware for the middy framework",
|
|
5
|
-
"type": "
|
|
5
|
+
"type": "module",
|
|
6
6
|
"engines": {
|
|
7
|
-
"node": ">=
|
|
7
|
+
"node": ">=14"
|
|
8
8
|
},
|
|
9
9
|
"engineStrict": true,
|
|
10
10
|
"publishConfig": {
|
|
11
11
|
"access": "public"
|
|
12
12
|
},
|
|
13
|
-
"
|
|
13
|
+
"exports": "./index.js",
|
|
14
14
|
"types": "index.d.ts",
|
|
15
15
|
"files": [
|
|
16
16
|
"index.d.ts"
|
|
@@ -44,11 +44,11 @@
|
|
|
44
44
|
"url": "https://github.com/middyjs/middy/issues"
|
|
45
45
|
},
|
|
46
46
|
"homepage": "https://github.com/middyjs/middy#readme",
|
|
47
|
-
"gitHead": "
|
|
47
|
+
"gitHead": "c533f62841c8a39d061d7b94f30ba178f002c8db",
|
|
48
48
|
"dependencies": {
|
|
49
|
-
"@middy/util": "^
|
|
49
|
+
"@middy/util": "^3.0.0-alpha.0"
|
|
50
50
|
},
|
|
51
51
|
"devDependencies": {
|
|
52
|
-
"@middy/core": "^
|
|
52
|
+
"@middy/core": "^3.0.0-alpha.0"
|
|
53
53
|
}
|
|
54
54
|
}
|
package/index.js
DELETED
|
@@ -1,109 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
|
|
3
|
-
const {
|
|
4
|
-
normalizeHttpResponse
|
|
5
|
-
} = require('@middy/util');
|
|
6
|
-
|
|
7
|
-
const getOrigin = (incomingOrigin, options) => {
|
|
8
|
-
if ((options === null || options === void 0 ? void 0 : options.origins.length) > 0) {
|
|
9
|
-
if (incomingOrigin && options.origins.includes(incomingOrigin)) {
|
|
10
|
-
return incomingOrigin;
|
|
11
|
-
} else {
|
|
12
|
-
return options.origins[0];
|
|
13
|
-
}
|
|
14
|
-
} else {
|
|
15
|
-
if (incomingOrigin && options.credentials && options.origin === '*') {
|
|
16
|
-
return incomingOrigin;
|
|
17
|
-
}
|
|
18
|
-
|
|
19
|
-
return options.origin;
|
|
20
|
-
}
|
|
21
|
-
};
|
|
22
|
-
|
|
23
|
-
const defaults = {
|
|
24
|
-
getOrigin,
|
|
25
|
-
credentials: undefined,
|
|
26
|
-
headers: undefined,
|
|
27
|
-
methods: undefined,
|
|
28
|
-
origin: '*',
|
|
29
|
-
origins: [],
|
|
30
|
-
exposeHeaders: undefined,
|
|
31
|
-
maxAge: undefined,
|
|
32
|
-
requestHeaders: undefined,
|
|
33
|
-
requestMethods: undefined,
|
|
34
|
-
cacheControl: undefined
|
|
35
|
-
};
|
|
36
|
-
|
|
37
|
-
const httpCorsMiddleware = (opts = {}) => {
|
|
38
|
-
const options = { ...defaults,
|
|
39
|
-
...opts
|
|
40
|
-
};
|
|
41
|
-
|
|
42
|
-
const httpCorsMiddlewareAfter = async request => {
|
|
43
|
-
var _request$event;
|
|
44
|
-
|
|
45
|
-
if (!((_request$event = request.event) !== null && _request$event !== void 0 && _request$event.httpMethod)) return;
|
|
46
|
-
request.response = normalizeHttpResponse(request.response);
|
|
47
|
-
const existingHeaders = Object.keys(request.response.headers); // Check if already setup the header Access-Control-Allow-Credentials
|
|
48
|
-
|
|
49
|
-
if (existingHeaders.includes('Access-Control-Allow-Credentials')) {
|
|
50
|
-
options.credentials = request.response.headers['Access-Control-Allow-Credentials'] === 'true';
|
|
51
|
-
}
|
|
52
|
-
|
|
53
|
-
if (options.credentials) {
|
|
54
|
-
request.response.headers['Access-Control-Allow-Credentials'] = String(options.credentials);
|
|
55
|
-
} // Check if already setup Access-Control-Allow-Headers
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
if (options.headers && !existingHeaders.includes('Access-Control-Allow-Headers')) {
|
|
59
|
-
request.response.headers['Access-Control-Allow-Headers'] = options.headers;
|
|
60
|
-
} // Check if already setup Access-Control-Allow-Methods
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
if (options.methods && !existingHeaders.includes('Access-Control-Allow-Methods')) {
|
|
64
|
-
request.response.headers['Access-Control-Allow-Methods'] = options.methods;
|
|
65
|
-
} // Check if already setup the header Access-Control-Allow-Origin
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
if (!existingHeaders.includes('Access-Control-Allow-Origin')) {
|
|
69
|
-
var _request$event$header, _request$event2, _eventHeaders$origin;
|
|
70
|
-
|
|
71
|
-
const eventHeaders = (_request$event$header = (_request$event2 = request.event) === null || _request$event2 === void 0 ? void 0 : _request$event2.headers) !== null && _request$event$header !== void 0 ? _request$event$header : {};
|
|
72
|
-
const incomingOrigin = (_eventHeaders$origin = eventHeaders.origin) !== null && _eventHeaders$origin !== void 0 ? _eventHeaders$origin : eventHeaders.Origin;
|
|
73
|
-
request.response.headers['Access-Control-Allow-Origin'] = options.getOrigin(incomingOrigin, options);
|
|
74
|
-
} // Check if already setup Access-Control-Expose-Headers
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
if (options.exposeHeaders && !existingHeaders.includes('Access-Control-Expose-Headers')) {
|
|
78
|
-
request.response.headers['Access-Control-Expose-Headers'] = options.exposeHeaders;
|
|
79
|
-
}
|
|
80
|
-
|
|
81
|
-
if (options.maxAge && !existingHeaders.includes('Access-Control-Max-Age')) {
|
|
82
|
-
request.response.headers['Access-Control-Max-Age'] = String(options.maxAge);
|
|
83
|
-
} // Check if already setup Access-Control-Request-Headers
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
if (options.requestHeaders && !existingHeaders.includes('Access-Control-Request-Headers')) {
|
|
87
|
-
request.response.headers['Access-Control-Request-Headers'] = options.requestHeaders;
|
|
88
|
-
} // Check if already setup Access-Control-Request-Methods
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
if (options !== null && options !== void 0 && options.requestMethods && !existingHeaders.includes('Access-Control-Request-Methods')) {
|
|
92
|
-
request.response.headers['Access-Control-Request-Methods'] = options.requestMethods;
|
|
93
|
-
}
|
|
94
|
-
|
|
95
|
-
if (request.event.httpMethod === 'OPTIONS') {
|
|
96
|
-
if (options.cacheControl && !existingHeaders.includes('Cache-Control')) {
|
|
97
|
-
request.response.headers['Cache-Control'] = String(options.cacheControl);
|
|
98
|
-
}
|
|
99
|
-
}
|
|
100
|
-
};
|
|
101
|
-
|
|
102
|
-
const httpCorsMiddlewareOnError = httpCorsMiddlewareAfter;
|
|
103
|
-
return {
|
|
104
|
-
after: httpCorsMiddlewareAfter,
|
|
105
|
-
onError: httpCorsMiddlewareOnError
|
|
106
|
-
};
|
|
107
|
-
};
|
|
108
|
-
|
|
109
|
-
module.exports = httpCorsMiddleware;
|