@middy/http-cors 5.3.4 → 5.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/index.js +47 -15
  2. package/package.json +4 -4
package/index.js CHANGED
@@ -1,22 +1,8 @@
1
1
  import { normalizeHttpResponse } from '@middy/util'
2
2
 
3
- const getOrigin = (incomingOrigin, options = {}) => {
4
- if (options.origins.length > 0) {
5
- if (incomingOrigin && options.origins.includes(incomingOrigin)) {
6
- return incomingOrigin
7
- }
8
- } else {
9
- if (incomingOrigin && options.credentials && options.origin === '*') {
10
- return incomingOrigin
11
- }
12
- return options.origin
13
- }
14
- return null
15
- }
16
-
17
3
  const defaults = {
18
4
  disableBeforePreflightResponse: true,
19
- getOrigin,
5
+ getOrigin: undefined, // default inserted below
20
6
  credentials: undefined,
21
7
  headers: undefined,
22
8
  methods: undefined,
@@ -30,10 +16,56 @@ const defaults = {
30
16
  vary: undefined
31
17
  }
32
18
  const httpCorsMiddleware = (opts = {}) => {
19
+ let originAny = false
20
+ const originStatic = {}
21
+ const originDynamic = []
22
+ const getOrigin = (incomingOrigin, options = {}) => {
23
+ if (options.origins.length > 0) {
24
+ if (originStatic[incomingOrigin]) {
25
+ return incomingOrigin
26
+ }
27
+ if (originAny) {
28
+ if (options.credentials) {
29
+ return incomingOrigin
30
+ } else {
31
+ return '*'
32
+ }
33
+ }
34
+ if (originDynamic.some((regExp) => regExp.test(incomingOrigin))) {
35
+ return incomingOrigin
36
+ }
37
+ // TODO deprecate `else` in v6
38
+ } else {
39
+ if (incomingOrigin && options.credentials && options.origin === '*') {
40
+ return incomingOrigin
41
+ }
42
+ return options.origin
43
+ }
44
+ return null
45
+ }
33
46
  const options = {
34
47
  ...defaults,
48
+ getOrigin,
35
49
  ...opts
36
50
  }
51
+
52
+ for (const origin of options.origins) {
53
+ // Static
54
+ if (origin.indexOf('*') < 0) {
55
+ originStatic[origin] = true
56
+ continue
57
+ }
58
+ // All
59
+ if (origin === '*') {
60
+ originAny = true
61
+ continue
62
+ }
63
+ // Dynamic
64
+ // TODO: IDN -> puncycode not handled, add in if requested
65
+ const regExpStr = origin.replaceAll('.', '\\.').replaceAll('*', '[^.]*')
66
+ originDynamic.push(new RegExp(`^${regExpStr}$`))
67
+ }
68
+
37
69
  const httpCorsMiddlewareBefore = async (request) => {
38
70
  if (options.disableBeforePreflightResponse) return
39
71
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@middy/http-cors",
3
- "version": "5.3.4",
3
+ "version": "5.4.0",
4
4
  "description": "CORS (Cross-Origin Resource Sharing) middleware for the middy framework",
5
5
  "type": "module",
6
6
  "engines": {
@@ -58,11 +58,11 @@
58
58
  "type": "github",
59
59
  "url": "https://github.com/sponsors/willfarrell"
60
60
  },
61
- "gitHead": "37632cf8463e8834c09e91bff14817b7e1e2e8ee",
61
+ "gitHead": "593d40bc87996159c29367ab39d7d415940d9fba",
62
62
  "dependencies": {
63
- "@middy/util": "5.3.4"
63
+ "@middy/util": "5.4.0"
64
64
  },
65
65
  "devDependencies": {
66
- "@middy/core": "5.3.4"
66
+ "@middy/core": "5.4.0"
67
67
  }
68
68
  }