@middy/http-cors 7.1.2 → 7.1.3

package/README.md

@@ -30,6 +30,23 @@
 <p>You can read the documentation at: <a href="https://middy.js.org/docs/middlewares/http-cors">https://middy.js.org/docs/middlewares/http-cors</a></p>
 </div>
 
+## Install
+
+```bash
+npm install --save @middy/http-cors
+```
+
+
+## Documentation and examples
+
+For documentation and examples, refer to the main [Middy monorepo on GitHub](https://github.com/middyjs/middy) or [Middy official website](https://middy.js.org/docs/middlewares/http-cors).
+
+
+## Contributing
+
+Everyone is very welcome to contribute to this repository. Feel free to [raise issues](https://github.com/middyjs/middy/issues) or to [submit Pull Requests](https://github.com/middyjs/middy/pulls).
+
+
 ## License
 
 Licensed under [MIT License](LICENSE). Copyright (c) 2017-2026 [will Farrell](https://github.com/willfarrell), [Luciano Mammino](https://github.com/lmammino), and [Middy contributors](https://github.com/middyjs/middy/graphs/contributors).

package/index.d.ts

@@ -3,7 +3,10 @@
 import type middy from "@middy/core";
 
 export interface Options {
-	getOrigin?: (incomingOrigin: string, options: Options) => string;
+	getOrigin?: (
+		incomingOrigin: string,
+		options: Options,
+	) => string | null | undefined;
 	credentials?: boolean | string;
 	disableBeforePreflightResponse?: boolean;
 	headers?: string;
@@ -18,6 +21,8 @@ export interface Options {
 	vary?: string;
 }
 
-declare function httpCors(options?: Options): middy.MiddlewareObj;
+declare function httpCors(
+	options?: Options,
+): middy.MiddlewareObj<unknown, unknown, Error>;
 
 export default httpCors;

package/index.js

@@ -126,8 +126,7 @@ const httpCorsMiddleware = (opts = {}) => {
 	}
 
 	const modifyHeaders = (headers, options, request) => {
-		const existingHeaders = Object.keys(headers);
-		if (existingHeaders.includes("Access-Control-Allow-Credentials")) {
+		if (Object.hasOwn(headers, "Access-Control-Allow-Credentials")) {
 			options.credentials =
 				headers["Access-Control-Allow-Credentials"] === "true";
 		}
@@ -136,19 +135,19 @@ const httpCorsMiddleware = (opts = {}) => {
 		}
 		if (
 			options.headers &&
-			!existingHeaders.includes("Access-Control-Allow-Headers")
+			!Object.hasOwn(headers, "Access-Control-Allow-Headers")
 		) {
 			headers["Access-Control-Allow-Headers"] = options.headers;
 		}
 		if (
 			options.methods &&
-			!existingHeaders.includes("Access-Control-Allow-Methods")
+			!Object.hasOwn(headers, "Access-Control-Allow-Methods")
 		) {
 			headers["Access-Control-Allow-Methods"] = options.methods;
 		}
 
 		let newOrigin;
-		if (!existingHeaders.includes("Access-Control-Allow-Origin")) {
+		if (!Object.hasOwn(headers, "Access-Control-Allow-Origin")) {
 			const eventHeaders = request.event.headers ?? {};
 			const incomingOrigin = eventHeaders.Origin ?? eventHeaders.origin;
 			newOrigin = options.getOrigin(incomingOrigin, options);
@@ -171,11 +170,11 @@ const httpCorsMiddleware = (opts = {}) => {
 
 		if (
 			options.exposeHeaders &&
-			!existingHeaders.includes("Access-Control-Expose-Headers")
+			!Object.hasOwn(headers, "Access-Control-Expose-Headers")
 		) {
 			headers["Access-Control-Expose-Headers"] = options.exposeHeaders;
 		}
-		if (options.maxAge && !existingHeaders.includes("Access-Control-Max-Age")) {
+		if (options.maxAge && !Object.hasOwn(headers, "Access-Control-Max-Age")) {
 			headers["Access-Control-Max-Age"] = String(options.maxAge);
 		}
 		const httpMethod = getVersionHttpMethod[request.event.version ?? "1.0"]?.(
@@ -184,13 +183,13 @@ const httpCorsMiddleware = (opts = {}) => {
 		if (
 			httpMethod === "OPTIONS" &&
 			options.cacheControl &&
-			!existingHeaders.includes("Cache-Control")
+			!Object.hasOwn(headers, "Cache-Control")
 		) {
 			headers["Cache-Control"] = options.cacheControl;
 		}
 	};
 
-	const httpCorsMiddlewareBefore = async (request) => {
+	const httpCorsMiddlewareBefore = (request) => {
 		if (options.disableBeforePreflightResponse) return;
 
 		const method = getVersionHttpMethod[request.event.version ?? "1.0"]?.(
@@ -240,15 +239,15 @@ const httpCorsMiddleware = (opts = {}) => {
 		}
 	};
 
-	const httpCorsMiddlewareAfter = async (request) => {
+	const httpCorsMiddlewareAfter = (request) => {
 		normalizeHttpResponse(request);
-		const headers = structuredClone(request.response.headers);
+		const headers = { ...request.response.headers };
 		modifyHeaders(headers, options, request);
 		request.response.headers = headers;
 	};
-	const httpCorsMiddlewareOnError = async (request) => {
-		if (request.response === undefined) return;
-		await httpCorsMiddlewareAfter(request);
+	const httpCorsMiddlewareOnError = (request) => {
+		if (typeof request.response === "undefined") return;
+		httpCorsMiddlewareAfter(request);
 	};
 	return {
 		before: httpCorsMiddlewareBefore,

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@middy/http-cors",
-	"version": "7.1.2",
+	"version": "7.1.3",
 	"description": "CORS (Cross-Origin Resource Sharing) middleware for the middy framework",
 	"type": "module",
 	"engines": {
@@ -63,12 +63,12 @@
 		"type": "github",
 		"url": "https://github.com/sponsors/willfarrell"
 	},
-	"gitHead": "7a6c0fbb8ab71d6a2171e678697de9f237568431",
 	"dependencies": {
-		"@middy/util": "7.1.2"
+		"@middy/util": "7.1.3"
 	},
 	"devDependencies": {
-		"@middy/core": "7.1.2",
-		"@types/aws-lambda": "^8.0.0"
+		"@middy/core": "7.1.3",
+		"@types/aws-lambda": "^8.0.0",
+		"@types/node": "^22.0.0"
 	}
 }