@middy/http-cors 7.1.0 → 7.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/index.d.ts +1 -0
- package/index.js +22 -3
- package/package.json +4 -3
package/README.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<div align="center">
|
|
2
|
-
<h1>Middy
|
|
2
|
+
<h1>Middy `http-cors` middleware</h1>
|
|
3
3
|
<img alt="Middy logo" src="https://raw.githubusercontent.com/middyjs/middy/main/docs/img/middy-logo.svg"/>
|
|
4
4
|
<p><strong>CORS middleware for the middy framework, the stylish Node.js middleware engine for AWS Lambda</strong></p>
|
|
5
5
|
<p>
|
package/index.d.ts
CHANGED
package/index.js
CHANGED
|
@@ -2,6 +2,25 @@
|
|
|
2
2
|
// SPDX-License-Identifier: MIT
|
|
3
3
|
import { normalizeHttpResponse } from "@middy/util";
|
|
4
4
|
|
|
5
|
+
const hostnameToPunycode = (hostname) => {
|
|
6
|
+
const placeholder = "-_ANY_-";
|
|
7
|
+
const tempHostname = hostname.replace(/\*/g, placeholder);
|
|
8
|
+
try {
|
|
9
|
+
const url = new URL(`https://${tempHostname}`);
|
|
10
|
+
return url.host.replaceAll(placeholder.toLowerCase(), "*");
|
|
11
|
+
} catch {
|
|
12
|
+
return hostname;
|
|
13
|
+
}
|
|
14
|
+
};
|
|
15
|
+
|
|
16
|
+
const originToPunycode = (origin) => {
|
|
17
|
+
if (!origin || origin === "*") return origin;
|
|
18
|
+
const match = origin.match(/^(https?:\/\/)(.+)$/);
|
|
19
|
+
if (!match) return origin;
|
|
20
|
+
const [, protocol, host] = match;
|
|
21
|
+
return protocol + hostnameToPunycode(host);
|
|
22
|
+
};
|
|
23
|
+
|
|
5
24
|
// CORS-safelisted request headers
|
|
6
25
|
// https://developer.mozilla.org/en-US/docs/Glossary/CORS-safelisted_request_header
|
|
7
26
|
const corsSafelistedRequestHeaders = [
|
|
@@ -66,10 +85,11 @@ const httpCorsMiddleware = (opts = {}) => {
|
|
|
66
85
|
const originStatic = {};
|
|
67
86
|
const originDynamic = [];
|
|
68
87
|
|
|
69
|
-
for (
|
|
88
|
+
for (let origin of [options.origin, ...options.origins]) {
|
|
70
89
|
if (!origin) {
|
|
71
90
|
continue;
|
|
72
91
|
}
|
|
92
|
+
origin = originToPunycode(origin);
|
|
73
93
|
// All
|
|
74
94
|
if (origin === "*") {
|
|
75
95
|
originAny = true;
|
|
@@ -82,7 +102,6 @@ const httpCorsMiddleware = (opts = {}) => {
|
|
|
82
102
|
}
|
|
83
103
|
originMany = true;
|
|
84
104
|
// Dynamic
|
|
85
|
-
// TODO: IDN -> puncycode not handled, add in if requested
|
|
86
105
|
const regExpStr = origin
|
|
87
106
|
.replace(/[.+?^${}()|[\]\\]/g, "\\$&")
|
|
88
107
|
.replaceAll("*", "[^.]*");
|
|
@@ -227,7 +246,7 @@ const getVersionHttpMethod = {
|
|
|
227
246
|
"2.0": (event) => event.requestContext.http.method,
|
|
228
247
|
};
|
|
229
248
|
|
|
230
|
-
// header in
|
|
249
|
+
// header in official name, lowercase variant handled
|
|
231
250
|
const addHeaderPart = (headers, header, value) => {
|
|
232
251
|
if (!value) return;
|
|
233
252
|
const headerLower = header.toLowerCase();
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@middy/http-cors",
|
|
3
|
-
"version": "7.1.
|
|
3
|
+
"version": "7.1.1",
|
|
4
4
|
"description": "CORS (Cross-Origin Resource Sharing) middleware for the middy framework",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"engines": {
|
|
@@ -65,9 +65,10 @@
|
|
|
65
65
|
},
|
|
66
66
|
"gitHead": "7a6c0fbb8ab71d6a2171e678697de9f237568431",
|
|
67
67
|
"dependencies": {
|
|
68
|
-
"@middy/util": "7.1.
|
|
68
|
+
"@middy/util": "7.1.1"
|
|
69
69
|
},
|
|
70
70
|
"devDependencies": {
|
|
71
|
-
"@middy/core": "7.1.
|
|
71
|
+
"@middy/core": "7.1.1",
|
|
72
|
+
"@types/aws-lambda": "^8.0.0"
|
|
72
73
|
}
|
|
73
74
|
}
|