mockaton 7.2.0 → 7.3.0

package/README.md

@@ -12,21 +12,41 @@ my-mocks-dir/api/user/[user-id].GET.200.json
 [This browser extension](https://github.com/ericfortis/devtools-ext-tar-http-requests)
 can be used for downloading a TAR of your XHR requests following that convention.
 
-## Benefits
+
+## Getting Started Demo
+Checkout this repo and run `npm run demo`, which will open the following
+dashboard. Then, explore the [sample-mocks/](./sample-mocks) directory.
+
+<picture>
+  <source media="(prefers-color-scheme: light)" srcset="./README-dashboard-light.png">
+  <source media="(prefers-color-scheme: dark)" srcset="./README-dashboard-dark.png">
+  <img alt="Mockaton Dashboard Demo" src="./README-dashboard-light.png" style="max-width: 860px">
+</picture>
+
+Then, pick a mock variant from the Mock dropdown (we’ll discuss
+them later). At its right, note the _Delay_ toggler, and the button
+for sending _500 - Internal Server Error_ on that endpoint.
+
+Then edit a mock file. You don’t need to restart Mockaton for that, the
+_Reset_ button is for registering newly added, removed, or renamed mocks.
+
+
+## Use Cases
+- Test empty responses
+- Test spinners by delaying responses
+- Test errors such as _Bad Request_ and _Internal Server Error_
+- Trigger notifications and alerts
+- Prototyping before the backend API is developed
+- Setting up tests
+- As API documentation
+- If you commit the mocks in the repo, when bisecting a bug, you don’t
+  have to sync the frontend with many backend repos
+  - Similarly, I can check out long-lived branches that have old API contracts
+
+## Motivation
 - Avoids having to spin up and maintain hefty or complex backends when developing UIs.
 - For a deterministic and comprehensive backend state. For example, having all the possible
-  state variants of a particular collection helps for spotting inadvertent bugs. And having those
-  assorted responses are not easy to trigger from the backend.
-- Testing empty responses.
-- Testing spinners by delaying responses.
-- Testing errors such as _Bad Request_ and _Internal Server Error_.
-- Triggering notifications and alerts.
-- Prototyping before the backend API is developed.
-- Setting up tests.
-- If you commit the mocks in the repo, when bisecting a bug, you don’t
-  have to sync the frontend with many backend repos.
-  - Similarly, I can check out long-lived branches that have old API contracts.
-- As API documentation.
+  state variants of a collection helps for spotting inadvertent bugs.
 
 ## Alternatives
 - Chrome DevTools allows for [overriding responses](https://developer.chrome.com/docs/devtools/overrides)
@@ -37,19 +57,6 @@ can be used for downloading a TAR of your XHR requests following that convention
 - Syncing the mocks, but the browser extension mentioned above helps.
 
 
-## Getting Started
-The best way to learn _Mockaton_ is by checking out this repo and
-exploring its [sample-mocks/](./sample-mocks) directory. Then, run
-[`./_usage_example.js`](./_usage_example.js) and you’ll see the dashboard.
-
-You can select mock files without resetting Mockaton. The _Reset_
-button is for when you add, remove, or rename a mock file.
-
-The dropdown lets you pick a mock variant, details in the next section. Next to it is a
-_Delay_ toggler, and a button for sending _500 - Internal Server Error_ on that endpoint.
-
-<img src="./README-dashboard.png" style="max-width:820px"/>
-
 ## Basic Usage
 ```
 npm install mockaton
@@ -89,7 +96,7 @@ interface Config {
   extraHeaders?: []
 
   corsAllowed?: boolean, // Defaults to false
-  // The options for customizing CORS are listed below
+  // cors* customization options are explained below
 
   onReady?: (dashboardUrl: string) => void // Defaults to trying to open macOS and Win default browser.
 }
@@ -271,8 +278,8 @@ Config.corsOrigins = ['*']
 Config.corsMethods = ['GET', 'PUT', 'DELETE', 'POST', 'PATCH', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT']
 Config.corsHeaders = ['content-type']
 Config.corsCredentials = true
-Config.corsMaxAge = 0
-Config.corsExposedHeaders = []
+Config.corsMaxAge = 0 // seconds to cache the preflight req
+Config.corsExposedHeaders = [] // headers you need to access in client-side JS
 ```
 
 ## `Config.onReady`
@@ -342,9 +349,9 @@ await mockaton.setProxyFallback('http://example.com')
 Pass an empty string to disable it.
 
 ### Reset
-Re-initialize the collection. So if you added or removed mocks they
-will be considered. The selected mocks, cookies, and delays go
-back to default, but `Config.proxyFallback` is not affected.
+Re-initialize the collection. So if you added or removed mocks they will
+be considered. The selected mocks, cookies, and delays go back to default,
+but `Config.proxyFallback` and `Config.corsAllowed` are not affected.
 ```js
 await mockaton.reset()
 ```

package/package.json

@@ -2,7 +2,7 @@
 	"name": "mockaton",
 	"description": "A deterministic server-side for developing and testing frontend clients",
 	"type": "module",
-	"version": "7.2.0",
+	"version": "7.3.0",
 	"main": "index.js",
 	"types": "index.d.ts",
 	"license": "MIT",

package/sample-mocks/api/user/edit-name.PATCH.422.json

@@ -0,0 +1,3 @@
+{
+	"msg": "Validation Error"
+}

package/src/Api.js

@@ -18,10 +18,12 @@ export const apiGetRequests = new Map([
 	['/Dashboard.js', serveDashboardAsset],
 	['/Dashboard.css', serveDashboardAsset],
 	['/ApiConstants.js', serveDashboardAsset],
+	['/Commander.js', serveDashboardAsset],
 	['/mockaton-logo.svg', serveDashboardAsset],
 	[API.mocks, listMockBrokers],
 	[API.cookies, listCookies],
-	[API.comments, listComments]
+	[API.comments, listComments],
+	[API.cors, getIsCorsAllowed]
 ])
 
 export const apiPatchRequests = new Map([
@@ -30,7 +32,8 @@ export const apiPatchRequests = new Map([
 	[API.reset, reinitialize],
 	[API.cookies, selectCookie],
 	[API.fallback, updateProxyFallback],
-	[API.bulkSelect, bulkUpdateBrokersByCommentTag]
+	[API.bulkSelect, bulkUpdateBrokersByCommentTag],
+	[API.cors, setCorsAllowed]
 ])
 
 function serveDashboard(_, response) { sendFile(response, join(import.meta.dirname, 'Dashboard.html')) }
@@ -39,6 +42,7 @@ function serveDashboardAsset(req, response) { sendFile(response, join(import.met
 function listCookies(_, response) { sendJSON(response, cookie.list()) }
 function listComments(_, response) { sendJSON(response, mockBrokersCollection.extractAllComments()) }
 function listMockBrokers(_, response) { sendJSON(response, mockBrokersCollection.getAll()) }
+function getIsCorsAllowed(_, response) { sendJSON(response, Config.corsAllowed) }
 
 
 function reinitialize(_, response) {
@@ -113,3 +117,14 @@ async function bulkUpdateBrokersByCommentTag(req, response) {
 		sendBadRequest(response, error)
 	}
 }
+
+
+async function setCorsAllowed(req, response) {
+	try {
+		Config.corsAllowed = await parseJSON(req)
+		sendOK(response)
+	}
+	catch (error) {
+		sendBadRequest(response, error)
+	}
+}

package/src/ApiConstants.js

@@ -8,7 +8,8 @@ export const API = {
 	mocks: MOUNT + '/mocks',
 	reset: MOUNT + '/reset',
 	cookies: MOUNT + '/cookies',
-	fallback: MOUNT + '/fallback'
+	fallback: MOUNT + '/fallback',
+	cors: MOUNT + '/cors'
 }
 
 export const DF = { // Dashboard Fields (XHR)

package/src/Commander.js

@@ -7,6 +7,10 @@ export class Commander {
 		this.#addr = addr
 	}
 
+	listMocks() {
+		return this.#get(API.mocks)
+	}
+
 	select(file) {
 		return this.#patch(API.select, file)
 	}
@@ -41,6 +45,13 @@ export class Commander {
 		return this.#patch(API.reset)
 	}
 
+	getCorsAllowed() {
+		return this.#get(API.cors)
+	}
+	setCorsAllowed(value) {
+		return this.#patch(API.cors, value)
+	}
+
 
 	#get(api) {
 		return fetch(this.#addr + api)

package/src/Config.js

@@ -58,9 +58,6 @@ export function setup(options) {
 
 		onReady: is(Function)
 	})
-
-	if (!Config.corsAllowed) // TESTME
-		Config.corsOrigins = []
 }
 
 

package/src/Dashboard.css

@@ -1,17 +1,48 @@
 :root {
-	--colorAccent: #0069d0;
-	--colorHover: #dfefff;
-	--colorRed: #da0f00;
-	--colorLightRed: #ffe4ee;
-	--colorLightOrange: #ffedd1;
-	--colorLightGrey: rgba(0, 0, 0, 0.02);
+	--boxShadow1: 0 2px 1px -1px rgba(0, 0, 0, 0.2), 0 1px 1px 0 rgba(0, 0, 0, 0.14), 0 1px 3px 0 rgba(0, 0, 0, 0.12);
 }
+
+@media (prefers-color-scheme: light) {
+	:root {
+		--color4xxBackground: #ffedd1;
+		--colorAccent: #0171dd;
+		--colorBackground: #fff;
+		--colorCodeBackground: #fafafa;
+		--colorComboBoxBackground: #fafafa;
+		--colorDisabled: #222;
+		--colorHover: #dfefff;
+		--colorLabel: #777;
+		--colorLightRed: #ffe4ee;
+		--colorRed: #da0f00;
+		--colorSecondaryButtonBackground: #f0f0f0;
+		--colorText: #000;
+	}
+}
+@media (prefers-color-scheme: dark) {
+	:root {
+		--color4xxBackground: #403630;
+		--colorAccent: #0682fa;
+		--colorBackground: #141414;
+		--colorCodeBackground: #333;
+		--colorComboBoxBackground: #252525;
+		--colorDisabled: #aaa;
+		--colorHover: #023661;
+		--colorLabel: #aaa;
+		--colorLightRed: #ffe4ee;
+		--colorRed: #f41606;
+		--colorSecondaryButtonBackground: #444;
+		--colorText: #fff;
+	}
+}
+
 html, body {
 	margin: 0;
 	font-size: 12px;
 }
 body {
 	padding: 16px;
+	background: var(--colorBackground);
+	color: var(--colorText);
 }
 * {
 	padding: 0;
@@ -21,19 +52,24 @@ body {
 	font-size: 100%;
 }
 
+select {
+	background: var(--colorComboBoxBackground);
+	color: var(--colorText);
+	cursor: pointer;
+	border-radius: 4px;
+	outline: 0;
 
-fieldset {
-	width: 120px;
-	border: 1px solid #ccc;
-
-	label {
-		display: flex;
-		align-items: center;
-		padding: 4px 0;
-
-		input {
-			margin-right: 6px;
-		}
+	&:enabled {
+		box-shadow: var(--boxShadow1);
+	}
+	&:enabled:hover {
+		cursor: pointer;
+		background: var(--colorHover);
+	}
+	&:disabled {
+		background: transparent;
+		cursor: not-allowed;
+		color: var(--colorDisabled);
 	}
 }
 
@@ -61,26 +97,25 @@ menu {
 	display: flex;
 	align-items: flex-end;
 	margin-bottom: 12px;
-	gap: 14px;
+	gap: 16px;
 
 	img {
-		margin-right: 16px;
+		width: 140px;
+		margin-right: 24px;
 	}
 
 	label {
 		span {
 			display: block;
-			color: #555;
+			padding-left: 7px;
+			color: var(--colorLabel);
 			font-size: 11px;
 		}
 
 		select {
-			width: 144px;
-			padding: 3px 0;
-			border: 1px solid #bbb;
-			margin-top: 1px;
-			cursor: pointer;
-			border-radius: 4px;
+			width: 150px;
+			padding: 4px;
+			margin-top: 2px;
 			font-size: 11px;
 		}
 	}
@@ -98,6 +133,13 @@ menu {
 			color: white;
 		}
 	}
+
+	.CorsCheckbox {
+		display: flex;
+		align-items: center;
+		margin-bottom: 4px;
+		gap: 4px;
+	}
 }
 
 .PayloadViewer {
@@ -118,7 +160,7 @@ menu {
 			max-height: calc(100vh - 160px);
 			padding: 12px;
 			margin-top: 6px;
-			background: var(--colorLightGrey);
+			background: var(--colorCodeBackground);
 			font-family: monospace;
 		}
 	}
@@ -147,23 +189,13 @@ menu {
 	padding: 8px 1px;
 	border: 0;
 	border-radius: 4px;
-	background: #eee;
 	text-align: right;
 	direction: rtl;
 	text-overflow: ellipsis;
 	font-size: 12px;
 
-	&:disabled {
-		background: transparent;
-		color: #222;
-		cursor: not-allowed
-	}
-	&:enabled:hover {
-		cursor: pointer;
-		background: var(--colorHover);
-	}
 	&.status4xx {
-		background: var(--colorLightOrange);
+		background: var(--color4xxBackground);
 	}
 }
 
@@ -176,23 +208,22 @@ menu {
 		display: none;
 
 		&:checked ~ svg {
-			border-color: white;
-			filter: invert();
+			background: var(--colorAccent);
+			fill: white;
 		}
 	}
 
 	> svg {
-		width: 14px;
-		height: 14px;
-		border: 1px solid #000;
+		width: 16px;
+		height: 16px;
 		vertical-align: bottom;
-		fill: #000;
+		fill: var(--colorText);
 		border-radius: 50%;
-		background: white;
+		background: var(--colorSecondaryButtonBackground);
 
 		&:hover {
-			background: #bce5ff;
-			fill: #00318b;
+			background: var(--colorHover);
+			fill: var(--colorText);
 		}
 	}
 }
@@ -214,9 +245,9 @@ menu {
 	> span {
 		padding: 4px;
 		font-size: 10px;
-		color: #333;
+		color: var(--colorText);
 		border-radius: 2px;
-		background: white;
+		background: var(--colorSecondaryButtonBackground);
 
 		&:hover {
 			background: var(--colorLightRed);

package/src/Dashboard.js

@@ -1,8 +1,10 @@
-import { parseFilename } from '../Filename.js'
-import { API, DF, DEFAULT_500_COMMENT } from '../ApiConstants.js'
+import { parseFilename } from '/Filename.js'
+import { Commander } from '/Commander.js'
+import { DEFAULT_500_COMMENT } from '/ApiConstants.js'
 
 
 const Strings = {
+	allow_cors: 'Allow CORS',
 	bulk_select_by_comment: 'Bulk Select by Comment',
 	click_link_to_preview: 'Click a link to preview it',
 	cookie: 'Cookie',
@@ -17,6 +19,7 @@ const Strings = {
 }
 
 const CSS = {
+	CorsCheckbox: 'CorsCheckbox',
 	DelayToggler: 'DelayToggler',
 	InternalServerErrorToggler: 'InternalServerErrorToggler',
 	MockSelector: 'MockSelector',
@@ -32,24 +35,27 @@ const r = createElement
 const refPayloadViewer = useRef()
 const refPayloadFile = useRef()
 
+const mockaton = new Commander(window.location.origin)
+
 function init() {
 	Promise.all([
-		API.mocks,
-		API.cookies,
-		API.comments
-	].map(api => fetch(api).then(res => res.ok && res.json())))
+		mockaton.listMocks(),
+		mockaton.listCookies(),
+		mockaton.listComments(),
+		mockaton.getCorsAllowed()
+	].map(api => api.then(response => response.ok && response.json())))
 		.then(App)
 		.catch(console.error)
 }
 init()
 
-function App([brokersByMethod, cookies, comments]) {
+function App([brokersByMethod, cookies, comments, corsAllowed]) {
 	empty(document.body)
 	createRoot(document.body).render(
-		DevPanel(brokersByMethod, cookies, comments))
+		DevPanel(brokersByMethod, cookies, comments, corsAllowed))
 }
 
-function DevPanel(brokersByMethod, cookies, comments) {
+function DevPanel(brokersByMethod, cookies, comments, corsAllowed) {
 	document.title = Strings.title
 	return (
 		r('div', null,
@@ -57,6 +63,7 @@ function DevPanel(brokersByMethod, cookies, comments) {
 				r('img', { src: 'mockaton-logo.svg', width: 160 }),
 				r(CookieSelector, { list: cookies }),
 				r(BulkSelector, { comments }),
+				r(CorsCheckbox, { corsAllowed }),
 				r(ResetButton)),
 			r('main', null,
 				r('table', null, Object.entries(brokersByMethod).map(([method, brokers]) =>
@@ -66,19 +73,6 @@ function DevPanel(brokersByMethod, cookies, comments) {
 					r('pre', { ref: refPayloadViewer }, Strings.click_link_to_preview)))))
 }
 
-
-function ResetButton() {
-	return (
-		r('button', {
-			onClick() {
-				fetch(API.reset, { method: 'PATCH' })
-					.then(init)
-					.catch(console.error)
-			}
-		}, Strings.reset)
-	)
-}
-
 function CookieSelector({ list }) {
 	return (
 		r('label', null,
@@ -87,10 +81,7 @@ function CookieSelector({ list }) {
 				autocomplete: 'off',
 				disabled: list.length <= 1,
 				onChange() {
-					fetch(API.cookies, {
-						method: 'PATCH',
-						body: JSON.stringify(this.value)
-					})
+					mockaton.selectCookie(this.value)
 						.catch(console.error)
 				}
 			}, list.map(([key, selected]) =>
@@ -100,7 +91,6 @@ function CookieSelector({ list }) {
 				}, key)))))
 }
 
-
 function BulkSelector({ comments }) {
 	return (
 		r('label', null,
@@ -109,10 +99,7 @@ function BulkSelector({ comments }) {
 				autocomplete: 'off',
 				disabled: comments.length <= 1,
 				onChange() {
-					fetch(API.bulkSelect, {
-						method: 'PATCH',
-						body: JSON.stringify(this.value)
-					})
+					mockaton.bulkSelectByComment(this.value)
 						.then(init)
 						.catch(console.error)
 				}
@@ -122,6 +109,33 @@ function BulkSelector({ comments }) {
 				}, item)))))
 }
 
+function CorsCheckbox({ corsAllowed }) {
+	return (
+		r('label', { className: CSS.CorsCheckbox },
+			r('input', {
+				type: 'checkbox',
+				checked: corsAllowed,
+				onChange(event) {
+					mockaton.setCorsAllowed(event.currentTarget.checked)
+						.catch(console.error)
+				}
+			}),
+			Strings.allow_cors))
+}
+
+function ResetButton() {
+	return (
+		r('button', {
+			onClick() {
+				mockaton.reset()
+					.then(init)
+					.catch(console.error)
+			}
+		}, Strings.reset)
+	)
+}
+
+
 
 function SectionByMethod({ method, brokers }) {
 	return (
@@ -188,10 +202,7 @@ function MockSelector({ broker }) {
 				this.style.fontWeight = this.value === this.options[0].value // default is selected
 					? 'normal'
 					: 'bold'
-				fetch(API.select, {
-					method: 'PATCH',
-					body: JSON.stringify(this.value)
-				})
+				mockaton.select(this.value)
 					.then(() => {
 						this.closest('tr').querySelector('a').click()
 						this.closest('tr').querySelector(`.${CSS.InternalServerErrorToggler}>[type=checkbox]`).checked = status === 500
@@ -220,14 +231,8 @@ function DelayRouteToggler({ broker }) {
 				checked,
 				onChange(event) {
 					const { method, urlMask } = parseFilename(this.name)
-					fetch(API.delay, {
-						method: 'PATCH',
-						body: JSON.stringify({
-							[DF.routeMethod]: method,
-							[DF.routeUrlMask]: urlMask,
-							[DF.delayed]: event.currentTarget.checked
-						})
-					})
+					mockaton.setRouteIsDelayed(method, urlMask, event.currentTarget.checked)
+						.catch(console.error)
 				}
 			}),
 			TimerIcon()))
@@ -254,12 +259,9 @@ function InternalServerErrorToggler({ broker }) {
 				name,
 				checked,
 				onChange(event) {
-					fetch(API.select, {
-						method: 'PATCH',
-						body: JSON.stringify(event.currentTarget.checked
-							? items.find(f => parseFilename(f).status === 500)
-							: items[0])
-					})
+					mockaton.select(event.currentTarget.checked
+						? items.find(f => parseFilename(f).status === 500)
+						: items[0])
 						.then(init)
 						.catch(console.error)
 				}

package/src/Mockaton.test.js

@@ -11,7 +11,7 @@ import { mimeFor } from './utils/mime.js'
 import { Mockaton } from './Mockaton.js'
 import { Commander } from './Commander.js'
 import { parseFilename } from './Filename.js'
-import { PreflightHeader } from './utils/http-cors.js'
+import { CorsHeader } from './utils/http-cors.js'
 import { API, DEFAULT_500_COMMENT, DEFAULT_MOCK_COMMENT } from './ApiConstants.js'
 
 
@@ -157,7 +157,6 @@ const server = Mockaton({
 	extraMimes: {
 		my_custom_extension: 'my_custom_mime'
 	},
-	corsAllowed: true,
 	corsOrigins: ['http://example.com']
 })
 server.on('listening', runTests)
@@ -224,11 +223,11 @@ async function runTests() {
 	await testMockDispatching(...fixtureCustomMime, 'my_custom_mime')
 	await testJsFunctionMocks()
 
-	await testCorsAllowed()
 	await testItUpdatesUserRole()
 	await testStaticFileServing()
 	await testInvalidFilenamesAreIgnored()
 	await testEnableFallbackSoRoutesWithoutMocksGetRelayed()
+	await testCorsAllowed()
 
 	server.close()
 }
@@ -438,19 +437,19 @@ async function testEnableFallbackSoRoutesWithoutMocksGetRelayed() {
 	})
 }
 
-// TODO make API for changing CORS? so we can automate testing?
 async function testCorsAllowed() {
 	await it('cors', async () => {
+		await commander.setCorsAllowed(true)
 		const res = await request('/does-not-matter', {
 			method: 'OPTIONS',
 			headers: {
-				[PreflightHeader.Origin]: 'http://example.com',
-				[PreflightHeader.AccessControlRequestMethod]: 'GET'
+				[CorsHeader.Origin]: 'http://example.com',
+				[CorsHeader.AccessControlRequestMethod]: 'GET'
 			}
 		})
 		equal(res.status, 204)
-		equal(res.headers.get(PreflightHeader.AccessControlAllowOrigin), 'http://example.com')
-		equal(res.headers.get(PreflightHeader.AccessControlAllowMethods), 'GET')
+		equal(res.headers.get(CorsHeader.AccessControlAllowOrigin), 'http://example.com')
+		equal(res.headers.get(CorsHeader.AccessControlAllowMethods), 'GET')
 	})
 }
 

package/src/mockaton-logo.svg

@@ -1,4 +1,12 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <svg version="1.1" viewBox="0 0 570 100" xmlns="http://www.w3.org/2000/svg">
- <path d="m77 0.27c2.7 0 6 1.3 9.1 2.6 2.9 1.1 4.2 3.3 4.2 6.5v84c0 3.8-2.4 5.8-7.2 5.8s-7.2-2-7.2-5.8v-63l-3.5-0.36-20 64c-0.92 2.9-3.2 4.2-6.6 4.1-1.5-0.079-2.9-0.47-4-1.2-1.2-0.71-2-1.8-2.3-3.2l-8.8-29-5.3-17c-1.8-5.8-3.7-13-5.8-20l-3.5 0.48v63c0 3.8-2.4 5.8-7.2 5.8s-7.2-2-7.2-5.8v-84c0-3.1 1.4-5.2 4.2-6.5 3.1-1.3 5.9-1.8 8.7-1.7 1.3 0 2.5 0.16 3.7 0.48 1.3 0.33 2.5 0.82 3.6 1.5 1.1 0.57 2.2 1.3 3.1 2.3 0.92 0.92 1.6 2 2.1 3.2l19 65c1.4-4.8 2.9-9.9 4.4-16 1.6-5.9 3.2-11 4.7-17 1.6-5.9 3.2-11 4.7-17 1.7-5.7 3.2-11 4.5-16 0.48-1.1 1.2-2.2 2.1-3.1 0.89-0.89 1.9-1.7 3.1-2.2 1.1-0.65 2.3-1.2 3.5-1.5 1.3-0.33 2.6-0.48 3.7-0.48m35 30h-0.12c2.1-1.4 4.2-2.6 6.5-3.5 2.3-0.89 4.5-1.4 6.6-1.4h20c2.1 0 4.2 0.46 6.5 1.4 2.3 0.92 4.5 2.1 6.6 3.5h-0.12c2.1 1.5 3.7 3.5 4.8 6.1 1.1 2.5 1.7 5.3 1.7 8.6v35c0 6.6-2.2 12-6.6 15-4.3 3.1-8.6 4.6-13 4.6h-20c-2.1 0-4.2-0.36-6.5-1.1-2.3-0.72-4.4-1.9-6.5-3.5-4.4-3.1-6.6-8-6.6-15v-35c0-3.3 0.56-6.1 1.7-8.6 1.1-2.5 2.8-4.5 4.8-6.1m31 57c3.1 0 5.1-0.86 6.3-2.6 1.3-1.7 2-3.5 2-5.5v-35c0-2.1-0.66-3.8-2-5.5-1.3-1.7-3.4-2.6-6.3-2.6h-15c-3.1 0-5.2 0.86-6.5 2.6-1.3 1.7-1.9 3.5-1.9 5.5v35c0 2 0.62 3.8 1.9 5.5 1.3 1.7 3.5 2.6 6.5 2.6zm96-7.9c0 6.6-2.2 12-6.6 15-4.3 3.1-8.6 4.6-13 4.6h-21c-4.3 0-8.6-1.6-13-4.6-2-1.7-3.5-3.6-4.5-6.1s-1.6-5.4-1.6-8.7v-35c0-6.6 2.1-12 6.1-15 2.1-1.5 4.1-2.6 6.2-3.5 2.2-0.92 4.2-1.4 6.3-1.4h21c2 0 4.1 0.39 6.5 1.2 2.4 0.72 4.5 1.8 6.6 3.1 2 1.4 3.5 3.3 4.6 5.7 1.3 2.5 1.9 5.3 1.9 8.7v6.1c0 3.8-2.3 5.8-6.7 5.8-4.4 0-6.7-2-6.7-5.8v-5.2c0-2.1-0.66-3.8-2-5.5-1.3-1.7-3.4-2.6-6.3-2.6h-15c-3.1 0-5.2 0.86-6.5 2.6-1.3 1.7-1.9 3.5-1.9 5.5v35c0 2 0.62 3.8 1.9 5.5 1.3 1.7 3.5 2.6 6.5 2.6h15c3.1 0 5.1-0.86 6.3-2.6 1.3-1.7 2-3.5 2-5.5v-5.6c0-3.8 2.3-5.7 6.7-5.7 4.4 0 6.7 1.9 6.7 5.7zm57-53v0.12c1.5-1.7 3-2.6 4.4-2.6 0.79 0 1.6 0.21 2.3 0.61 0.79 0.33 1.7 0.82 2.6 1.5h-0.12c2 1.7 3 3.3 3 4.8 0 0.57-0.12 1.2-0.36 2-0.25 0.65-0.64 1.2-1.2 1.7l-38 44v16c0 3.8-2.3 5.7-6.7 5.7-4.4 0-6.7-1.9-6.7-5.7v-87c0-3.8 2.3-5.8 6.7-5.8 4.4 0 6.7 2 6.7 5.8v51c2.1-2.5 4.2-5 6.7-7.8 2.5-2.9 4.9-5.7 7.4-8.6 2.5-3 4.9-5.8 7.4-8.6 2.5-2.9 4.7-5.4 6.8-7.9m12 64c0.57 1.1 0.86 2.2 0.86 3.3 0 2.1-1.2 3.6-3.6 4.7-1.7 0.99-3.2 1.5-4.4 1.5-0.92 0-1.8-0.33-2.6-0.98-0.79-0.57-1.5-1.3-2-2.2l-12-24c-0.72-1.3-1.1-2.5-1.1-3.6 0-2.1 1.1-3.7 3.2-5.1 0.57-0.4 1.1-0.77 1.7-1.1 0.65-0.33 1.4-0.56 2.1-0.73 0.92-0.17 1.8-0.0033 2.6 0.48 0.79 0.48 1.5 1.2 2.1 2zm30 8.2c-2.5 0-4.9-0.33-7.2-0.98-2.3-0.72-4.5-1.8-6.6-3.1v0.12c-4-2.5-6-7.1-6-14v-6c0-3.4 0.56-6.2 1.7-8.7 1.3-2.5 3-4.5 5-6h-0.12c2.1-1.4 4.2-2.4 6.5-3.1 2.3-0.72 4.5-1.1 6.6-1.1h27v-11c0-2.1-0.66-3.8-2-5.5-1.3-1.7-3.4-2.6-6.3-2.6h-14c-3.1 0-5.2 0.76-6.5 2.3-1.1 1.5-1.7 3.2-1.7 5.2v0.98c0 4.2-2.3 6.3-6.8 6.3-4.5 0-6.8-2.1-6.8-6.3v-1.1c0-3.4 0.56-6.1 1.7-8.4 1.3-2.3 2.9-4.2 4.8-5.7h-0.12c2.1-1.4 4.3-2.6 6.6-3.5 2.4-0.92 4.6-1.4 6.7-1.4h19c2.1 0 4.2 0.46 6.5 1.4 2.4 0.92 4.5 2.1 6.6 3.5h-0.12c2.1 1.5 3.7 3.5 4.8 6.1 1.1 2.5 1.7 5.3 1.7 8.6v49c0 3.8-2.3 5.8-6.7 5.8-0.92 0-1.8-0.04-2.6-0.12-0.72-0.079-1.4-0.29-2.1-0.61-0.57-0.4-1.1-0.94-1.5-1.6-0.33-0.72-0.48-1.7-0.48-2.8l-0.12-27h-25c-1.8 0-3.2 0.21-4.1 0.61s-1.8 1.1-2.3 2c-0.65 1.4-1.2 2.5-1.5 3.3-0.25 0.72-0.36 1.6-0.36 2.6v4.7c0 2.1 0.62 3.7 1.9 4.8 1.3 1.1 3.5 1.6 6.6 1.6h14c3.1 0 4.5 1.9 4.5 5.7 0 1.7-0.36 3.1-1.1 4.1-0.72 1.1-1.9 1.6-3.5 1.6zm72-62v44c0 2.1 0.46 3.7 1.4 4.8 0.92 1.1 2.9 1.7 5.7 1.7h3.2c3.2 0 4.6 1.9 4.5 5.6 0 3.8-1.5 5.7-4.5 5.7h-4c-2.7 0-5-0.33-7.3-0.98-2.3-0.72-4.5-1.8-6.6-3.1v0.12c-4-2.7-6-7.2-6-14v-44h-4.7c-3 0-4.5-1.9-4.6-5.7 0-3.8 1.6-5.7 4.6-5.7h4.7v-13c0-3.8 2.3-5.8 6.9-5.8 4.4 0 6.7 2 6.7 5.8v13h9.9c3.2 0 4.6 1.9 4.5 5.7 0 3.8-1.5 5.7-4.5 5.7zm32-7h-0.12c2.1-1.4 4.2-2.6 6.5-3.5 2.3-0.89 4.5-1.4 6.6-1.4h20c2.1 0 4.2 0.46 6.5 1.4 2.3 0.92 4.5 2.1 6.6 3.5h-0.12c2.1 1.5 3.7 3.5 4.8 6.1 1.1 2.5 1.7 5.3 1.7 8.6v35c0 6.6-2.2 12-6.6 15-4.3 3.1-8.6 4.6-13 4.6h-20c-2.1 0-4.2-0.36-6.5-1.1-2.3-0.72-4.4-1.9-6.5-3.5-4.4-3.1-6.6-8-6.6-15v-35c0-3.3 0.56-6.1 1.7-8.6 1.1-2.5 2.8-4.5 4.8-6.1m31 57c3.1 0 5.1-0.86 6.3-2.6 1.3-1.7 2-3.5 2-5.5v-35c0-2.1-0.66-3.8-2-5.5-1.3-1.7-3.4-2.6-6.3-2.6h-15c-3.1 0-5.2 0.86-6.5 2.6-1.3 1.7-1.9 3.5-1.9 5.5v35c0 2 0.62 3.8 1.9 5.5 1.3 1.7 3.5 2.6 6.5 2.6zm80-48 0.12 0.12c-1.1-2-3.3-3-6.5-3h-15c-3.4 0-5.5 0.99-6.6 3-1.1 1.7-1.7 3.7-1.7 6l-0.32 48c0 3.8-2.3 5.8-6.7 5.8-4.4 0-6.7-2-6.7-5.8v-49c0-3.4 0.52-6.2 1.6-8.7 1.1-2.5 2.8-4.4 5-6 4.3-3.1 8.6-4.6 13-4.6h20c4.1 0 8.4 1.6 13 4.6 4.4 3.1 6.6 8 6.6 15v49c0 3.8-2.3 5.8-6.7 5.8s-6.7-2-6.7-5.8v-48c0-2.1-0.66-4.1-2-6.1" aria-label="Mockaton"/>
+	<style>
+		:root { --color: #000000; }
+		@media (prefers-color-scheme: light) { :root { --color: #000000 } }
+		@media (prefers-color-scheme: dark) { :root { --color: #fff } }
+		path { fill: var(--color) }
+	</style>
+	<path
+		d="m88.6 11.5v82.2c0 3.75-2.37 5.72-7.1 5.72s-7.1-1.97-7.1-5.72v-61.5c-0.0468-1.83-2.74-2.4-3.45-0.355l-19.7 63.1c-0.907 2.86-3.15 4.14-6.51 4.04-1.48-0.0779-2.86-0.463-3.94-1.18-1.18-0.7-1.97-1.77-2.27-3.15-4.54-15.1-9.2-30.3-13.9-45.4-1.77-5.72-3.65-12.8-5.72-19.7-0.741-1.97-3.33-2.17-3.45 0.473v63.6c0 3.75-2.37 5.72-7.1 5.72-4.73 0-7.1-1.97-7.1-5.72v-84.3c0-2.34 1.07-5.37 3.83-6.65 3.06-1.28 6.12-1.65 8.88-1.55 1.28 0 2.46 0.28 3.65 0.596 1.28 0.325 2.46 0.808 3.55 1.48 1.08 0.562 2.17 1.28 3.06 2.27 0.907 0.907 1.58 1.97 2.07 3.15l18.7 64.1c1.89-6.49 13.2-47.7 13.6-49.3 1.68-5.62 3.15-10.8 4.44-15.8 0.473-1.08 1.18-2.17 2.07-3.06 0.877-0.877 1.87-1.68 3.06-2.17 1.08-0.641 2.27-1.18 3.45-1.48 1.28-0.325 3.85-0.403 4.94-0.403 4.75 0.438 12 3.73 12 11zm21.1 18.6c2.07-1.38 4.14-2.56 6.41-3.45 2.27-0.877 4.44-1.38 6.51-1.38h19.7c2.07 0 4.14 0.454 6.41 1.38 2.27 0.907 4.44 2.07 6.45 3.5 2.01 1.43 3.59 3.4 4.67 5.96 1.08 2.46 1.68 5.23 1.68 8.48v34.5c0 6.51-2.17 11.8-6.51 14.8-4.24 3.06-8.48 4.54-12.8 4.54h-19.7c-2.07 0-4.14-0.355-6.41-1.08-2.27-0.71-4.34-1.87-6.41-3.45-4.34-3.06-6.51-7.89-6.51-14.8v-34.5c0-3.25 0.552-6.01 1.68-8.48 1.08-2.46 2.76-4.44 4.85-6.01zm30.4 56.2c3.06 0 5.03-0.848 6.21-2.56 1.28-1.68 1.97-3.45 1.97-5.42v-34.5c0-2.07-0.651-3.75-1.97-5.42-1.28-1.68-3.35-2.56-6.21-2.56h-14.8c-3.06 0-5.13 0.848-6.41 2.56-1.28 1.68-1.87 3.45-1.87 5.42v34.5c0 1.97 0.611 3.75 1.87 5.42 1.28 1.68 3.45 2.56 6.41 2.56zm94.6-7.79c0 6.51-2.17 11.8-6.51 14.8-4.24 3.06-8.48 4.54-12.8 4.54h-20.7c-4.24 0-8.48-1.58-12.8-4.54-1.97-1.68-3.45-3.55-4.44-6.01-0.986-2.46-1.58-5.32-1.58-8.58v-34.5c0-6.51 2.07-11.8 6.01-14.8 2.07-1.48 4.04-2.56 6.11-3.45 2.17-0.907 4.14-1.38 6.21-1.38h20.7c1.97 0 4.04 0.384 6.41 1.18 2.37 0.71 4.44 1.77 6.51 3.06 1.97 1.38 3.45 3.25 4.54 5.62 1.28 2.46 1.87 5.23 1.87 8.58v6.01c0 3.75-2.27 5.72-6.61 5.72s-6.61-1.97-6.61-5.72v-5.13c0-2.07-0.651-3.75-1.97-5.42-1.28-1.68-3.35-2.56-6.21-2.56h-14.8c-3.06 0-5.13 0.848-6.41 2.56-1.28 1.68-1.87 3.45-1.87 5.42v34.5c0 1.97 0.611 3.75 1.87 5.42 1.28 1.68 3.45 2.56 6.41 2.56h14.8c3.06 0 5.03-0.848 6.21-2.56 1.28-1.68 1.97-3.45 1.97-5.42v-5.52c0-3.75 2.27-5.62 6.61-5.62s6.61 1.87 6.61 5.62zm60.5-54.7c0.779 0 1.58 0.207 2.27 0.601 0.779 0.325 1.68 0.808 3.05 1.98s2.36 2.75 2.36 4.23c0 0.562-0.118 1.18-0.355 1.97-0.246 0.641-0.631 1.18-1.18 1.68l-37.5 43.4v15.8c0 3.75-2.27 5.62-6.61 5.62s-6.61-1.87-6.61-5.62v-85.8c0-3.75 2.27-5.72 6.61-5.72s6.61 1.97 6.61 5.72v50.3c2.07-2.46 4.14-4.93 6.61-7.69 2.46-2.86 4.83-5.62 7.3-8.48 2.46-2.96 4.83-5.72 7.3-8.48 2.46-2.86 4.63-5.32 6.62-7.8 0.656-0.789 2.13-1.68 3.51-1.68zm8.4 64.8c0.562 1.08 0.848 2.17 0.848 3.25 0 2.07-1.18 3.55-3.55 4.63-1.68 0.976-3.15 1.48-4.34 1.48-0.907 0-1.77-0.325-2.56-0.966-0.779-0.562-1.48-1.28-1.97-2.17l-11.8-23.7c-0.71-1.28-1.08-2.46-1.08-3.55 0-2.07 1.08-3.65 3.15-5.03 0.562-0.394 1.08-0.759 1.68-1.08 0.641-0.325 1.38-0.552 2.07-0.72 0.907-0.168 1.77-0.0033 2.56 0.473 0.779 0.473 1.48 1.18 2.07 1.97zm29.6 8.08c-2.46 0-4.83-0.325-7.1-0.966-2.27-0.71-4.44-1.77-7.44-3.59-3.01-1.81-4.98-6.35-4.98-13.2v-5.92c0-3.35 0.552-6.11 1.68-8.58 1.28-2.46 2.96-4.44 4.92-5.87 1.96-1.43 4.03-2.42 6.3-3.11 2.27-0.71 4.44-1.08 6.51-1.08h26.6v-10.8c0-2.07-0.651-3.75-1.97-5.42-1.28-1.68-3.35-2.56-6.21-2.56h-13.8c-3.06 0-5.13 0.749-6.41 2.27-1.08 1.48-1.68 3.15-1.68 5.13v0.966c0 4.14-2.27 6.21-6.7 6.21s-6.7-2.07-6.7-6.21v-1.08c0-3.35 0.552-6.01 1.68-8.28 1.28-2.27 2.86-4.14 4.73-5.62h-0.118c2.07-1.38 4.24-2.56 6.51-3.45 2.37-0.907 4.54-1.38 6.61-1.38h18.7c2.07 0 4.14 0.454 6.41 1.38 2.37 0.907 4.44 2.07 6.51 3.45h-0.118c2.07 1.48 3.65 3.45 4.73 6.01 1.08 2.46 1.68 5.23 1.68 8.48v48.3c0 3.75-2.27 5.72-6.61 5.72-0.907 0-1.77-0.0394-2.56-0.118-0.71-0.0779-1.38-0.286-2.07-0.601-0.562-0.394-1.08-0.927-1.48-1.58-0.325-0.71-0.473-1.68-0.473-2.76l-0.118-26.6h-24.6c-1.77 0-3.15 0.207-4.04 0.601-4.09 1.83-4.1 7.7-4.1 7.79v4.63c0 2.07 0.611 3.65 1.87 4.73 1.28 1.08 3.45 1.58 6.51 1.58h13.8c3.06 0 4.44 1.87 4.44 5.62 0 1.68-0.355 3.06-1.08 4.04-0.71 1.08-1.87 1.58-3.45 1.58zm71-61.1v43.4c0 2.07 0.454 3.65 1.38 4.73 0.907 1.08 2.86 1.68 5.62 1.68h3.15c3.15 0 4.54 1.87 4.44 5.52 0 3.75-1.48 5.62-4.44 5.62h-3.94c-2.66 0-4.93-0.325-7.2-0.966-2.27-0.71-4.44-1.77-6.51-3.06v0.118c-3.94-2.66-5.92-7.1-5.92-13.8v-43.4h-4.63c-2.96 0-4.44-1.87-4.54-5.62 0-3.75 1.58-5.62 4.54-5.62h4.63v-12.8c0-3.75 2.27-5.72 6.8-5.72 4.34 0 6.61 1.97 6.61 5.72v12.8h9.76c3.15 0 4.54 1.87 4.44 5.62 0 3.75-1.48 5.62-4.44 5.62zm37.8-10.4c2.27-0.877 4.44-1.38 6.51-1.38h19.7c2.07 0 4.14 0.454 6.41 1.38 2.27 0.907 4.44 2.07 6.45 3.5 2.01 1.43 3.59 3.4 4.67 5.96 1.08 2.46 1.68 5.23 1.68 8.48v34.5c0 6.51-2.17 11.8-6.51 14.8-4.24 3.06-8.48 4.54-12.8 4.54h-19.7c-2.07 0-4.14-0.355-6.41-1.08-2.27-0.71-4.34-1.87-6.41-3.45-4.34-3.06-6.51-7.89-6.51-14.8v-34.5c0-3.25 0.552-6.01 1.68-8.48 1.08-2.46 2.76-4.44 4.84-5.92s4.15-2.66 6.42-3.55zm24 59.6c3.06 0 5.03-0.848 6.21-2.56 1.28-1.68 1.97-3.45 1.97-5.42v-34.5c0-2.07-0.651-3.75-1.97-5.42-1.28-1.68-3.35-2.56-6.21-2.56h-14.8c-3.06 0-5.13 0.848-6.41 2.56-1.28 1.68-1.87 3.45-1.87 5.42v34.5c0 1.97 0.611 3.75 1.87 5.42 1.28 1.68 3.45 2.56 6.41 2.56zm72.6-50.2h-14.8c-3.35 0-5.42 0.976-6.51 2.96-1.08 1.68-1.68 3.65-1.68 5.92l-0.315 47.3c0 3.75-2.27 5.72-6.61 5.72-4.34 0-6.61-1.97-6.61-5.72v-48.3c0-3.35 0.513-6.11 1.58-8.58 1.08-2.46 2.76-4.34 4.93-5.92 4.24-3.06 8.48-4.54 12.8-4.54h19.7c4.04 0 8.28 1.58 12.8 4.54 4.34 3.06 6.51 7.89 6.51 14.8v48.3c0 3.75-2.27 5.72-6.61 5.72s-6.61-1.97-6.61-5.72v-47.3c0-2.07-0.651-4.04-1.99-6.11-1.34-2.07-3.51-3.06-6.66-3.06z"
+		aria-label="Mockaton"/>
 </svg>

package/src/utils/http-cors.js

@@ -2,7 +2,7 @@ import { StandardMethods } from './http-request.js'
 
 // https://www.w3.org/TR/2020/SPSD-cors-20200602/#resource-processing-model
 
-export const PreflightHeader = {
+export const CorsHeader = {
 	// request
 	Origin: 'origin',
 	AccessControlRequestMethod: 'access-control-request-method',
@@ -16,13 +16,13 @@ export const PreflightHeader = {
 	AccessControlExposeHeaders: 'Access-Control-Expose-Headers', // '*' | Comma delimited 
 	AccessControlAllowCredentials: 'Access-Control-Allow-Credentials' // 'true'
 }
-const PH = PreflightHeader
+const CH = CorsHeader
 
 
 export function isPreflight(req) {
 	return req.method === 'OPTIONS'
-		&& URL.canParse(req.headers[PH.Origin])
-		&& StandardMethods.includes(req.headers[PH.AccessControlRequestMethod])
+		&& URL.canParse(req.headers[CH.Origin])
+		&& StandardMethods.includes(req.headers[CH.AccessControlRequestMethod])
 }
 
 
@@ -34,16 +34,16 @@ export function setCorsHeaders(req, response, {
 	credentials = false,
 	maxAge = 0
 }) {
-	const reqOrigin = req.headers[PH.Origin]
+	const reqOrigin = req.headers[CH.Origin]
 	const hasWildcard = origins.some(ao => ao === '*')
 	if (!reqOrigin || (!hasWildcard && !origins.includes(reqOrigin)))
 		return
-	response.setHeader(PH.AccessControlAllowOrigin, reqOrigin) // Never '*', so no need to `Vary` it
+	response.setHeader(CH.AccessControlAllowOrigin, reqOrigin) // Never '*', so no need to `Vary` it
 
 	if (credentials)
-		response.setHeader(PH.AccessControlAllowCredentials, 'true')
+		response.setHeader(CH.AccessControlAllowCredentials, 'true')
 
-	if (req.headers[PH.AccessControlRequestMethod])
+	if (req.headers[CH.AccessControlRequestMethod])
 		setPreflightSpecificHeaders(req, response, methods, headers, maxAge)
 	else
 		setActualRequestHeaders(response, exposedHeaders)
@@ -51,20 +51,19 @@ export function setCorsHeaders(req, response, {
 
 
 function setPreflightSpecificHeaders(req, response, methods, headers, maxAge) {
-	const methodAskingFor = req.headers[PH.AccessControlRequestMethod]
+	const methodAskingFor = req.headers[CH.AccessControlRequestMethod]
 	if (!methods.includes(methodAskingFor))
 		return
 
-	response.setHeader(PH.AccessControlAllowMethods, methodAskingFor)
+	response.setHeader(CH.AccessControlMaxAge, maxAge)
+	response.setHeader(CH.AccessControlAllowMethods, methodAskingFor)
 	if (headers.length)
-		response.setHeader(PH.AccessControlAllowHeaders, headers.join(','))
-
-	response.setHeader(PH.AccessControlMaxAge, maxAge)
+		response.setHeader(CH.AccessControlAllowHeaders, headers.join(','))
 }
 
 
 function setActualRequestHeaders(response, exposedHeaders) {
 	// Exposed means the client-side JavaScript can read them
 	if (exposedHeaders.length)
-		response.setHeader(PH.AccessControlExposeHeaders, exposedHeaders.join(','))
+		response.setHeader(CH.AccessControlExposeHeaders, exposedHeaders.join(','))
 }

package/src/utils/http-cors.test.js

@@ -2,7 +2,7 @@ import { equal } from 'node:assert/strict'
 import { promisify } from 'node:util'
 import { createServer } from 'node:http'
 import { describe, it, after } from 'node:test'
-import { isPreflight, setCorsHeaders, PreflightHeader as PH } from './http-cors.js'
+import { isPreflight, setCorsHeaders, CorsHeader as CH } from './http-cors.js'
 
 
 function headerIs(response, header, value) {
@@ -40,8 +40,8 @@ await describe('CORS', async () => {
 
 	await describe('Identifies Preflight Requests', async () => {
 		const requiredRequestHeaders = {
-			[PH.Origin]: 'http://locahost:9999',
-			[PH.AccessControlRequestMethod]: 'POST'
+			[CH.Origin]: 'http://locahost:9999',
+			[CH.AccessControlRequestMethod]: 'POST'
 		}
 
 		await it('Ignores non-OPTIONS requests', async () => {
@@ -49,26 +49,26 @@ await describe('CORS', async () => {
 			equal(await res.text(), 'NON_PREFLIGHT')
 		})
 
-		await it(`Ignores non-parseable req ${PH.Origin} header`, async () => {
+		await it(`Ignores non-parseable req ${CH.Origin} header`, async () => {
 			const headers = {
 				...requiredRequestHeaders,
-				[PH.Origin]: 'non-url'
+				[CH.Origin]: 'non-url'
 			}
 			const res = await preflight(headers)
 			equal(await res.text(), 'NON_PREFLIGHT')
 		})
 
-		await it(`Ignores missing method in ${PH.AccessControlRequestMethod} header`, async () => {
+		await it(`Ignores missing method in ${CH.AccessControlRequestMethod} header`, async () => {
 			const headers = { ...requiredRequestHeaders }
-			delete headers[PH.AccessControlRequestMethod]
+			delete headers[CH.AccessControlRequestMethod]
 			const res = await preflight(headers)
 			equal(await res.text(), 'NON_PREFLIGHT')
 		})
 
-		await it(`Ignores non-standard method in ${PH.AccessControlRequestMethod} header`, async () => {
+		await it(`Ignores non-standard method in ${CH.AccessControlRequestMethod} header`, async () => {
 			const headers = {
 				...requiredRequestHeaders,
-				[PH.AccessControlRequestMethod]: 'NON_STANDARD'
+				[CH.AccessControlRequestMethod]: 'NON_STANDARD'
 			}
 			const res = await preflight(headers)
 			equal(await res.text(), 'NON_PREFLIGHT')
@@ -87,14 +87,14 @@ await describe('CORS', async () => {
 				methods: ['GET']
 			}
 			const p = await preflight({
-				[PH.Origin]: FooDotCom,
-				[PH.AccessControlRequestMethod]: 'GET'
+				[CH.Origin]: FooDotCom,
+				[CH.AccessControlRequestMethod]: 'GET'
 			})
-			headerIs(p, PH.AccessControlAllowOrigin, null)
-			headerIs(p, PH.AccessControlAllowMethods, null)
-			headerIs(p, PH.AccessControlAllowCredentials, null)
-			headerIs(p, PH.AccessControlAllowHeaders, null)
-			headerIs(p, PH.AccessControlMaxAge, null)
+			headerIs(p, CH.AccessControlAllowOrigin, null)
+			headerIs(p, CH.AccessControlAllowMethods, null)
+			headerIs(p, CH.AccessControlAllowCredentials, null)
+			headerIs(p, CH.AccessControlAllowHeaders, null)
+			headerIs(p, CH.AccessControlMaxAge, null)
 		})
 
 		await it('not in allowed origins', async () => {
@@ -103,13 +103,13 @@ await describe('CORS', async () => {
 				methods: ['GET']
 			}
 			const p = await preflight({
-				[PH.Origin]: NotAllowedDotCom,
-				[PH.AccessControlRequestMethod]: 'GET'
+				[CH.Origin]: NotAllowedDotCom,
+				[CH.AccessControlRequestMethod]: 'GET'
 			})
-			headerIs(p, PH.AccessControlAllowOrigin, null)
-			headerIs(p, PH.AccessControlAllowMethods, null)
-			headerIs(p, PH.AccessControlAllowCredentials, null)
-			headerIs(p, PH.AccessControlAllowHeaders, null)
+			headerIs(p, CH.AccessControlAllowOrigin, null)
+			headerIs(p, CH.AccessControlAllowMethods, null)
+			headerIs(p, CH.AccessControlAllowCredentials, null)
+			headerIs(p, CH.AccessControlAllowHeaders, null)
 		})
 
 		await it('origin and method match', async () => {
@@ -118,13 +118,13 @@ await describe('CORS', async () => {
 				methods: ['GET']
 			}
 			const p = await preflight({
-				[PH.Origin]: AllowedDotCom,
-				[PH.AccessControlRequestMethod]: 'GET'
+				[CH.Origin]: AllowedDotCom,
+				[CH.AccessControlRequestMethod]: 'GET'
 			})
-			headerIs(p, PH.AccessControlAllowOrigin, AllowedDotCom)
-			headerIs(p, PH.AccessControlAllowMethods, 'GET')
-			headerIs(p, PH.AccessControlAllowCredentials, null)
-			headerIs(p, PH.AccessControlAllowHeaders, null)
+			headerIs(p, CH.AccessControlAllowOrigin, AllowedDotCom)
+			headerIs(p, CH.AccessControlAllowMethods, 'GET')
+			headerIs(p, CH.AccessControlAllowCredentials, null)
+			headerIs(p, CH.AccessControlAllowHeaders, null)
 		})
 
 		await it('origin matches from multiple', async () => {
@@ -133,13 +133,13 @@ await describe('CORS', async () => {
 				methods: ['GET']
 			}
 			const p = await preflight({
-				[PH.Origin]: AllowedDotCom,
-				[PH.AccessControlRequestMethod]: 'GET'
+				[CH.Origin]: AllowedDotCom,
+				[CH.AccessControlRequestMethod]: 'GET'
 			})
-			headerIs(p, PH.AccessControlAllowOrigin, AllowedDotCom)
-			headerIs(p, PH.AccessControlAllowMethods, 'GET')
-			headerIs(p, PH.AccessControlAllowCredentials, null)
-			headerIs(p, PH.AccessControlAllowHeaders, null)
+			headerIs(p, CH.AccessControlAllowOrigin, AllowedDotCom)
+			headerIs(p, CH.AccessControlAllowMethods, 'GET')
+			headerIs(p, CH.AccessControlAllowCredentials, null)
+			headerIs(p, CH.AccessControlAllowHeaders, null)
 		})
 
 		await it('wildcard origin', async () => {
@@ -148,13 +148,13 @@ await describe('CORS', async () => {
 				methods: ['GET']
 			}
 			const p = await preflight({
-				[PH.Origin]: FooDotCom,
-				[PH.AccessControlRequestMethod]: 'GET'
+				[CH.Origin]: FooDotCom,
+				[CH.AccessControlRequestMethod]: 'GET'
 			})
-			headerIs(p, PH.AccessControlAllowOrigin, FooDotCom)
-			headerIs(p, PH.AccessControlAllowMethods, 'GET')
-			headerIs(p, PH.AccessControlAllowCredentials, null)
-			headerIs(p, PH.AccessControlAllowHeaders, null)
+			headerIs(p, CH.AccessControlAllowOrigin, FooDotCom)
+			headerIs(p, CH.AccessControlAllowMethods, 'GET')
+			headerIs(p, CH.AccessControlAllowCredentials, null)
+			headerIs(p, CH.AccessControlAllowHeaders, null)
 		})
 
 		await it(`wildcard and credentials`, async () => {
@@ -164,13 +164,13 @@ await describe('CORS', async () => {
 				credentials: true
 			}
 			const p = await preflight({
-				[PH.Origin]: FooDotCom,
-				[PH.AccessControlRequestMethod]: 'GET'
+				[CH.Origin]: FooDotCom,
+				[CH.AccessControlRequestMethod]: 'GET'
 			})
-			headerIs(p, PH.AccessControlAllowOrigin, FooDotCom)
-			headerIs(p, PH.AccessControlAllowMethods, 'GET')
-			headerIs(p, PH.AccessControlAllowCredentials, 'true')
-			headerIs(p, PH.AccessControlAllowHeaders, null)
+			headerIs(p, CH.AccessControlAllowOrigin, FooDotCom)
+			headerIs(p, CH.AccessControlAllowMethods, 'GET')
+			headerIs(p, CH.AccessControlAllowCredentials, 'true')
+			headerIs(p, CH.AccessControlAllowHeaders, null)
 		})
 
 		await it(`wildcard, credentials, and headers`, async () => {
@@ -181,13 +181,13 @@ await describe('CORS', async () => {
 				headers: ['content-type', 'my-header']
 			}
 			const p = await preflight({
-				[PH.Origin]: FooDotCom,
-				[PH.AccessControlRequestMethod]: 'GET'
+				[CH.Origin]: FooDotCom,
+				[CH.AccessControlRequestMethod]: 'GET'
 			})
-			headerIs(p, PH.AccessControlAllowOrigin, FooDotCom)
-			headerIs(p, PH.AccessControlAllowMethods, 'GET')
-			headerIs(p, PH.AccessControlAllowCredentials, 'true')
-			headerIs(p, PH.AccessControlAllowHeaders, 'content-type,my-header')
+			headerIs(p, CH.AccessControlAllowOrigin, FooDotCom)
+			headerIs(p, CH.AccessControlAllowMethods, 'GET')
+			headerIs(p, CH.AccessControlAllowCredentials, 'true')
+			headerIs(p, CH.AccessControlAllowHeaders, 'content-type,my-header')
 		})
 	})
 
@@ -198,12 +198,12 @@ await describe('CORS', async () => {
 				methods: ['GET']
 			}
 			const p = await request({
-				[PH.Origin]: NotAllowedDotCom
+				[CH.Origin]: NotAllowedDotCom
 			})
 			equal(p.status, 200)
-			headerIs(p, PH.AccessControlAllowOrigin, null)
-			headerIs(p, PH.AccessControlAllowCredentials, null)
-			headerIs(p, PH.AccessControlExposeHeaders, null)
+			headerIs(p, CH.AccessControlAllowOrigin, null)
+			headerIs(p, CH.AccessControlAllowCredentials, null)
+			headerIs(p, CH.AccessControlExposeHeaders, null)
 		})
 
 		await it('origin allowed', async () => {
@@ -214,12 +214,12 @@ await describe('CORS', async () => {
 				exposedHeaders: ['x-h1', 'x-h2']
 			}
 			const p = await request({
-				[PH.Origin]: AllowedDotCom
+				[CH.Origin]: AllowedDotCom
 			})
 			equal(p.status, 200)
-			headerIs(p, PH.AccessControlAllowOrigin, AllowedDotCom)
-			headerIs(p, PH.AccessControlAllowCredentials, 'true')
-			headerIs(p, PH.AccessControlExposeHeaders, 'x-h1,x-h2')
+			headerIs(p, CH.AccessControlAllowOrigin, AllowedDotCom)
+			headerIs(p, CH.AccessControlAllowCredentials, 'true')
+			headerIs(p, CH.AccessControlExposeHeaders, 'x-h1,x-h2')
 		})
 	})
 })

package/src/utils/validate.js

@@ -1,7 +1,7 @@
 export function validate(obj, shape) {
 	for (const [field, value] of Object.entries(obj))
 		if (!shape[field](value))
-			throw new TypeError(`${field} ${value}`)
+			throw new TypeError(`Config.${field}=${JSON.stringify(value)} is invalid`)
 }
 
 export const is = ctor => val => val.constructor === ctor