npm - @middy/http-cors - Versions diffs - 2.5.2 → 3.0.0-alpha.1 - Mend

@middy/http-cors 2.5.2 → 3.0.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/LICENSE CHANGED Viewed

@@ -1,6 +1,6 @@
 MIT License
-Copyright (c) 2017-2021 Luciano Mammino, will Farrell and the [Middy team](https://github.com/middyjs/middy/graphs/contributors)
+Copyright (c) 2017-2022 Luciano Mammino, will Farrell and the [Middy team](https://github.com/middyjs/middy/graphs/contributors)
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/README.md CHANGED Viewed

@@ -43,14 +43,14 @@ npm install --save @middy/http-cors
  - `credentials` (bool) (optional): if true, sets `Access-Control-Allow-Credentials` (default `false`)
  - `headers` (string) (optional): value to put in `Access-Control-Allow-Headers` (default: `false`)
- - `methods` (string) (optional): value to put in `Access-Control-Allow-Mehtods` (default: `false`)
+ - `methods` (string) (optional): value to put in `Access-Control-Allow-Methods` (default: `false`)
  - `getOrigin` (function(incomingOrigin:string, options)) (optional): take full control of the generating the returned origin. Defaults to using the origin or origins option.
  - `origin` (string) (optional): origin to put in the header (default: "`*`")
  - `origins` (array) (optional): An array of allowed origins. The incoming origin is matched against the list and is returned if present.
  - `exposeHeaders` (string) (optional): value to put in `Access-Control-Expose-Headers` (default: `false`)
  - `maxAge` (string) (optional): value to put in Access-Control-Max-Age header (default: `null`)
  - `requestHeaders` (string) (optional): value to put in `Access-Control-Request-Headers` (default: `false`)
- - `requestMethods` (string) (optional): value to put in `Access-Control-Request-Mehtods` (default: `false`)
+ - `requestMethods` (string) (optional): value to put in `Access-Control-Request-Methods` (default: `false`)
  - `cacheControl` (string) (optional): value to put in Cache-Control header on pre-flight (OPTIONS) requests (default: `null`)
 ```javascript
@@ -105,7 +105,7 @@ Everyone is very welcome to contribute to this repository. Feel free to [raise i
 ## License
-Licensed under [MIT License](LICENSE). Copyright (c) 2017-2021 Luciano Mammino, will Farrell, and the [Middy team](https://github.com/middyjs/middy/graphs/contributors).
+Licensed under [MIT License](LICENSE). Copyright (c) 2017-2022 Luciano Mammino, will Farrell, and the [Middy team](https://github.com/middyjs/middy/graphs/contributors).
 <a href="https://app.fossa.io/projects/git%2Bgithub.com%2Fmiddyjs%2Fmiddy?ref=badge_large">
   <img src="https://app.fossa.io/api/projects/git%2Bgithub.com%2Fmiddyjs%2Fmiddy.svg?type=large" alt="FOSSA Status"  style="max-width:100%;">

package/index.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import middy from '@middy/core'
-interface Options {
+export interface Options {
+  getOrigin?: (incomingOrigin: string, options: Options) => string
   credentials?: boolean | string
   headers?: string
   methods?: string

package/index.js CHANGED Viewed

@@ -1,11 +1,7 @@
-"use strict";
+import { normalizeHttpResponse } from '@middy/util';
-const {
-  normalizeHttpResponse
-} = require('@middy/util');
-const getOrigin = (incomingOrigin, options) => {
-  if ((options === null || options === void 0 ? void 0 : options.origins.length) > 0) {
+const getOrigin = (incomingOrigin, options = {}) => {
+  if (options.origins.length > 0) {
     if (incomingOrigin && options.origins.includes(incomingOrigin)) {
       return incomingOrigin;
     } else {
@@ -40,12 +36,10 @@ const httpCorsMiddleware = (opts = {}) => {
   };
   const httpCorsMiddlewareAfter = async request => {
-    var _request$event, _request$event2, _request$event2$reque, _request$event2$reque2;
+    var _getVersionHttpMethod;
-    // API Gateway v1 & v2
-    if (!((_request$event = request.event) !== null && _request$event !== void 0 && _request$event.httpMethod) && !((_request$event2 = request.event) !== null && _request$event2 !== void 0 && (_request$event2$reque = _request$event2.requestContext) !== null && _request$event2$reque !== void 0 && (_request$event2$reque2 = _request$event2$reque.http) !== null && _request$event2$reque2 !== void 0 && _request$event2$reque2.method)) return;
-    request.response = normalizeHttpResponse(request.response);
-    const existingHeaders = Object.keys(request.response.headers); // Check if already setup the header Access-Control-Allow-Credentials
+    normalizeHttpResponse(request);
+    const existingHeaders = Object.keys(request.response.headers);
     if (existingHeaders.includes('Access-Control-Allow-Credentials')) {
       options.credentials = request.response.headers['Access-Control-Allow-Credentials'] === 'true';
@@ -53,27 +47,21 @@ const httpCorsMiddleware = (opts = {}) => {
     if (options.credentials) {
       request.response.headers['Access-Control-Allow-Credentials'] = String(options.credentials);
-    } // Check if already setup Access-Control-Allow-Headers
+    }
     if (options.headers && !existingHeaders.includes('Access-Control-Allow-Headers')) {
       request.response.headers['Access-Control-Allow-Headers'] = options.headers;
-    } // Check if already setup Access-Control-Allow-Methods
+    }
     if (options.methods && !existingHeaders.includes('Access-Control-Allow-Methods')) {
       request.response.headers['Access-Control-Allow-Methods'] = options.methods;
-    } // Check if already setup the header Access-Control-Allow-Origin
+    }
     if (!existingHeaders.includes('Access-Control-Allow-Origin')) {
-      var _request$event$header, _request$event3, _eventHeaders$origin;
-      const eventHeaders = (_request$event$header = (_request$event3 = request.event) === null || _request$event3 === void 0 ? void 0 : _request$event3.headers) !== null && _request$event$header !== void 0 ? _request$event$header : {};
-      const incomingOrigin = (_eventHeaders$origin = eventHeaders.origin) !== null && _eventHeaders$origin !== void 0 ? _eventHeaders$origin : eventHeaders.Origin;
+      const eventHeaders = request.event.headers ?? {};
+      const incomingOrigin = eventHeaders.origin ?? eventHeaders.Origin;
       request.response.headers['Access-Control-Allow-Origin'] = options.getOrigin(incomingOrigin, options);
-    } // Check if already setup Access-Control-Expose-Headers
+    }
     if (options.exposeHeaders && !existingHeaders.includes('Access-Control-Expose-Headers')) {
       request.response.headers['Access-Control-Expose-Headers'] = options.exposeHeaders;
@@ -81,30 +69,42 @@ const httpCorsMiddleware = (opts = {}) => {
     if (options.maxAge && !existingHeaders.includes('Access-Control-Max-Age')) {
       request.response.headers['Access-Control-Max-Age'] = String(options.maxAge);
-    } // Check if already setup Access-Control-Request-Headers
+    }
     if (options.requestHeaders && !existingHeaders.includes('Access-Control-Request-Headers')) {
       request.response.headers['Access-Control-Request-Headers'] = options.requestHeaders;
-    } // Check if already setup Access-Control-Request-Methods
+    }
-    if (options !== null && options !== void 0 && options.requestMethods && !existingHeaders.includes('Access-Control-Request-Methods')) {
+    if (options.requestMethods && !existingHeaders.includes('Access-Control-Request-Methods')) {
       request.response.headers['Access-Control-Request-Methods'] = options.requestMethods;
     }
-    if (request.event.httpMethod === 'OPTIONS') {
+    const httpMethod = (_getVersionHttpMethod = getVersionHttpMethod[request.event.version ?? '1.0']) === null || _getVersionHttpMethod === void 0 ? void 0 : _getVersionHttpMethod.call(getVersionHttpMethod, request.event);
+    if (!httpMethod) {
+      throw new Error('Unknown API Gateway Payload format');
+    }
+    if (httpMethod === 'OPTIONS') {
       if (options.cacheControl && !existingHeaders.includes('Cache-Control')) {
         request.response.headers['Cache-Control'] = String(options.cacheControl);
       }
     }
   };
-  const httpCorsMiddlewareOnError = httpCorsMiddlewareAfter;
+  const httpCorsMiddlewareOnError = async request => {
+    if (request.response === undefined) return;
+    return httpCorsMiddlewareAfter(request);
+  };
   return {
     after: httpCorsMiddlewareAfter,
     onError: httpCorsMiddlewareOnError
   };
 };
-module.exports = httpCorsMiddleware;
+const getVersionHttpMethod = {
+  '1.0': event => event.httpMethod,
+  '2.0': event => event.requestContext.http.method
+};
+export default httpCorsMiddleware;

package/package.json CHANGED Viewed

@@ -1,18 +1,19 @@
 {
   "name": "@middy/http-cors",
-  "version": "2.5.2",
+  "version": "3.0.0-alpha.1",
   "description": "CORS (Cross-Origin Resource Sharing) middleware for the middy framework",
-  "type": "commonjs",
+  "type": "module",
   "engines": {
-    "node": ">=12"
+    "node": ">=14"
   },
   "engineStrict": true,
   "publishConfig": {
     "access": "public"
   },
-  "main": "index.js",
+  "exports": "./index.js",
   "types": "index.d.ts",
   "files": [
+    "index.js",
     "index.d.ts"
   ],
   "scripts": {
@@ -44,11 +45,11 @@
     "url": "https://github.com/middyjs/middy/issues"
   },
   "homepage": "https://github.com/middyjs/middy#readme",
-  "gitHead": "a2bb757a7a13638ae64277f8eecfcf11c1af17d4",
+  "gitHead": "a14125c6b2e21b181824f9985a919a47f1e4711f",
   "dependencies": {
-    "@middy/util": "^2.5.2"
+    "@middy/util": "^3.0.0-alpha.1"
   },
   "devDependencies": {
-    "@middy/core": "^2.5.2"
+    "@middy/core": "^3.0.0-alpha.1"
   }
 }