npm - @middy/http-cors - Versions diffs - 5.1.0 → 5.2.0 - Mend

@middy/http-cors 5.1.0 → 5.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/index.js +143 -114
package/package.json +4 -4

package/index.js CHANGED Viewed

@@ -1,119 +1,148 @@
-import { normalizeHttpResponse } from '@middy/util';
-const getOrigin = (incomingOrigin, options = {})=>{
-    if (options.origins.length > 0) {
-        if (incomingOrigin && options.origins.includes(incomingOrigin)) {
-            return incomingOrigin;
-        } else {
-            return options.origins[0];
-        }
+import { normalizeHttpResponse } from '@middy/util'
+const getOrigin = (incomingOrigin, options = {}) => {
+  if (options.origins.length > 0) {
+    if (incomingOrigin && options.origins.includes(incomingOrigin)) {
+      return incomingOrigin
     } else {
-        if (incomingOrigin && options.credentials && options.origin === '*') {
-            return incomingOrigin;
-        }
-        return options.origin;
-    }
-};
-const defaults = {
-    disableBeforePreflightResponse: true,
-    getOrigin,
-    credentials: undefined,
-    headers: undefined,
-    methods: undefined,
-    origin: '*',
-    origins: [],
-    exposeHeaders: undefined,
-    maxAge: undefined,
-    requestHeaders: undefined,
-    requestMethods: undefined,
-    cacheControl: undefined,
-    vary: undefined
-};
-const httpCorsMiddleware = (opts = {})=>{
-    const options = {
-        ...defaults,
-        ...opts
-    };
-    const httpCorsMiddlewareBefore = async (request)=>{
-        if (options.disableBeforePreflightResponse) return;
-        const method = getVersionHttpMethod[request.event.version ?? '1.0']?.(request.event);
-        if (method === 'OPTIONS') {
-            normalizeHttpResponse(request);
-            const headers = {};
-            modifyHeaders(headers, options, request);
-            request.response.headers = headers;
-            request.response.statusCode = 204;
-            return request.response;
-        }
-    };
-    const httpCorsMiddlewareAfter = async (request)=>{
-        normalizeHttpResponse(request);
-        const { headers } = request.response;
-        modifyHeaders(headers, options, request);
-        request.response.headers = headers;
-    };
-    const httpCorsMiddlewareOnError = async (request)=>{
-        if (request.response === undefined) return;
-        await httpCorsMiddlewareAfter(request);
-    };
-    return {
-        before: httpCorsMiddlewareBefore,
-        after: httpCorsMiddlewareAfter,
-        onError: httpCorsMiddlewareOnError
-    };
-};
-const getVersionHttpMethod = {
-    '1.0': (event)=>event.httpMethod,
-    '2.0': (event)=>event.requestContext.http.method
-};
-const modifyHeaders = (headers, options, request)=>{
-    const existingHeaders = Object.keys(headers);
-    if (existingHeaders.includes('Access-Control-Allow-Credentials')) {
-        options.credentials = headers['Access-Control-Allow-Credentials'] === 'true';
-    }
-    if (options.credentials) {
-        headers['Access-Control-Allow-Credentials'] = String(options.credentials);
-    }
-    if (options.headers && !existingHeaders.includes('Access-Control-Allow-Headers')) {
-        headers['Access-Control-Allow-Headers'] = options.headers;
-    }
-    if (options.methods && !existingHeaders.includes('Access-Control-Allow-Methods')) {
-        headers['Access-Control-Allow-Methods'] = options.methods;
-    }
-    if (!existingHeaders.includes('Access-Control-Allow-Origin')) {
-        const eventHeaders = request.event.headers ?? {};
-        const incomingOrigin = eventHeaders.Origin ?? eventHeaders.origin;
-        headers['Access-Control-Allow-Origin'] = options.getOrigin(incomingOrigin, options);
-    }
-    let vary = options.vary;
-    if (headers['Access-Control-Allow-Origin'] !== '*' && !vary) {
-        vary = 'Origin';
-    }
-    if (vary && !existingHeaders.includes('Vary')) {
-        headers.Vary = vary;
+      return options.origins[0]
     }
-    if (options.exposeHeaders && !existingHeaders.includes('Access-Control-Expose-Headers')) {
-        headers['Access-Control-Expose-Headers'] = options.exposeHeaders;
+  } else {
+    if (incomingOrigin && options.credentials && options.origin === '*') {
+      return incomingOrigin
     }
-    if (options.maxAge && !existingHeaders.includes('Access-Control-Max-Age')) {
-        headers['Access-Control-Max-Age'] = String(options.maxAge);
-    }
-    if (options.requestHeaders && !existingHeaders.includes('Access-Control-Request-Headers')) {
-        headers['Access-Control-Request-Headers'] = options.requestHeaders;
-    }
-    if (options.requestMethods && !existingHeaders.includes('Access-Control-Request-Methods')) {
-        headers['Access-Control-Request-Methods'] = options.requestMethods;
-    }
-    const httpMethod = getVersionHttpMethod[request.event.version ?? '1.0']?.(request.event);
-    if (!httpMethod) {
-        throw new Error('Unknown http event format', {
-            cause: {
-                package: '@middy/http-cors'
-            }
-        });
-    }
-    if (httpMethod === 'OPTIONS' && options.cacheControl && !existingHeaders.includes('Cache-Control')) {
-        headers['Cache-Control'] = options.cacheControl;
+    return options.origin
+  }
+}
+const defaults = {
+  disableBeforePreflightResponse: true,
+  getOrigin,
+  credentials: undefined,
+  headers: undefined,
+  methods: undefined,
+  origin: '*',
+  origins: [],
+  exposeHeaders: undefined,
+  maxAge: undefined,
+  requestHeaders: undefined,
+  requestMethods: undefined,
+  cacheControl: undefined,
+  vary: undefined
+}
+const httpCorsMiddleware = (opts = {}) => {
+  const options = {
+    ...defaults,
+    ...opts
+  }
+  const httpCorsMiddlewareBefore = async (request) => {
+    if (options.disableBeforePreflightResponse) return
+    const method = getVersionHttpMethod[request.event.version ?? '1.0']?.(
+      request.event
+    )
+    if (method === 'OPTIONS') {
+      normalizeHttpResponse(request)
+      const headers = {}
+      modifyHeaders(headers, options, request)
+      request.response.headers = headers
+      request.response.statusCode = 204
+      return request.response
     }
-};
-export default httpCorsMiddleware;
+  }
+  const httpCorsMiddlewareAfter = async (request) => {
+    normalizeHttpResponse(request)
+    const { headers } = request.response
+    modifyHeaders(headers, options, request)
+    request.response.headers = headers
+  }
+  const httpCorsMiddlewareOnError = async (request) => {
+    if (request.response === undefined) return
+    await httpCorsMiddlewareAfter(request)
+  }
+  return {
+    before: httpCorsMiddlewareBefore,
+    after: httpCorsMiddlewareAfter,
+    onError: httpCorsMiddlewareOnError
+  }
+}
+const getVersionHttpMethod = {
+  '1.0': (event) => event.httpMethod,
+  '2.0': (event) => event.requestContext.http.method
+}
+const modifyHeaders = (headers, options, request) => {
+  const existingHeaders = Object.keys(headers)
+  if (existingHeaders.includes('Access-Control-Allow-Credentials')) {
+    options.credentials = headers['Access-Control-Allow-Credentials'] === 'true'
+  }
+  if (options.credentials) {
+    headers['Access-Control-Allow-Credentials'] = String(options.credentials)
+  }
+  if (
+    options.headers &&
+    !existingHeaders.includes('Access-Control-Allow-Headers')
+  ) {
+    headers['Access-Control-Allow-Headers'] = options.headers
+  }
+  if (
+    options.methods &&
+    !existingHeaders.includes('Access-Control-Allow-Methods')
+  ) {
+    headers['Access-Control-Allow-Methods'] = options.methods
+  }
+  if (!existingHeaders.includes('Access-Control-Allow-Origin')) {
+    const eventHeaders = request.event.headers ?? {}
+    const incomingOrigin = eventHeaders.Origin ?? eventHeaders.origin
+    headers['Access-Control-Allow-Origin'] = options.getOrigin(
+      incomingOrigin,
+      options
+    )
+  }
+  let vary = options.vary
+  if (headers['Access-Control-Allow-Origin'] !== '*' && !vary) {
+    vary = 'Origin'
+  }
+  if (vary && !existingHeaders.includes('Vary')) {
+    headers.Vary = vary
+  }
+  if (
+    options.exposeHeaders &&
+    !existingHeaders.includes('Access-Control-Expose-Headers')
+  ) {
+    headers['Access-Control-Expose-Headers'] = options.exposeHeaders
+  }
+  if (options.maxAge && !existingHeaders.includes('Access-Control-Max-Age')) {
+    headers['Access-Control-Max-Age'] = String(options.maxAge)
+  }
+  if (
+    options.requestHeaders &&
+    !existingHeaders.includes('Access-Control-Request-Headers')
+  ) {
+    headers['Access-Control-Request-Headers'] = options.requestHeaders
+  }
+  if (
+    options.requestMethods &&
+    !existingHeaders.includes('Access-Control-Request-Methods')
+  ) {
+    headers['Access-Control-Request-Methods'] = options.requestMethods
+  }
+  const httpMethod = getVersionHttpMethod[request.event.version ?? '1.0']?.(
+    request.event
+  )
+  if (!httpMethod) {
+    throw new Error('Unknown http event format', {
+      cause: { package: '@middy/http-cors' }
+    })
+  }
+  if (
+    httpMethod === 'OPTIONS' &&
+    options.cacheControl &&
+    !existingHeaders.includes('Cache-Control')
+  ) {
+    headers['Cache-Control'] = options.cacheControl
+  }
+}
+export default httpCorsMiddleware

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@middy/http-cors",
-  "version": "5.1.0",
+  "version": "5.2.0",
   "description": "CORS (Cross-Origin Resource Sharing) middleware for the middy framework",
   "type": "module",
   "engines": {
@@ -58,11 +58,11 @@
     "type": "github",
     "url": "https://github.com/sponsors/willfarrell"
   },
-  "gitHead": "bbdaf5843914921804ba085dd58117273febe6b5",
+  "gitHead": "2d9096a49cd8fb62359517be96d6c93609df41f0",
   "dependencies": {
-    "@middy/util": "5.1.0"
+    "@middy/util": "5.2.0"
   },
   "devDependencies": {
-    "@middy/core": "5.1.0"
+    "@middy/core": "5.2.0"
   }
 }