@@ -20,43 +20,27 @@ const DEFAULT_ALLOW_HEADERS = [
2020
2121const DEFAULT_MAX_AGE_SECONDS = 60 * 60 * 24 // 24 hours
2222
23- const cors = options => handler => ( req , res , ...restArgs ) => {
23+ const cors = ( options = { } ) => handler => ( req , res , ...restArgs ) => {
2424 const {
25- maxAge,
26- origin,
27- allowHeaders,
28- exposeHeaders,
29- allowMethods
30- } = ( options || { } )
31-
32- res . setHeader (
33- 'Access-Control-Max-Age' ,
34- '' + ( maxAge || DEFAULT_MAX_AGE_SECONDS )
35- )
36-
37- res . setHeader (
38- 'Access-Control-Allow-Origin' ,
39- ( origin || '*' )
40- )
41-
42- res . setHeader (
43- 'Access-Control-Allow-Methods' ,
44- ( allowMethods || DEFAULT_ALLOW_METHODS ) . join ( ',' )
45- )
46-
47- res . setHeader (
48- 'Access-Control-Allow-Headers' ,
49- ( allowHeaders || DEFAULT_ALLOW_HEADERS ) . join ( ',' )
50- )
51-
52- if ( exposeHeaders && exposeHeaders . length ) {
53- res . setHeader (
54- 'Access-Control-Expose-Headers' ,
55- exposeHeaders . join ( ',' )
56- )
25+ origin = '*' ,
26+ maxAge = DEFAULT_MAX_AGE_SECONDS ,
27+ allowMethods = DEFAULT_ALLOW_METHODS ,
28+ allowHeaders = DEFAULT_ALLOW_HEADERS ,
29+ exposeHeaders = [ ]
30+ } = options
31+
32+ res . setHeader ( 'Access-Control-Allow-Origin' , origin )
33+ res . setHeader ( 'Access-Control-Allow-Credentials' , 'true' )
34+ if ( exposeHeaders . length ) {
35+ res . setHeader ( 'Access-Control-Expose-Headers' , exposeHeaders . join ( ',' ) )
5736 }
5837
59- res . setHeader ( 'Access-Control-Allow-Credentials' , 'true' )
38+ const preFlight = req . method === 'OPTIONS'
39+ if ( preFlight ) {
40+ res . setHeader ( 'Access-Control-Allow-Methods' , allowMethods . join ( ',' ) )
41+ res . setHeader ( 'Access-Control-Allow-Headers' , allowHeaders . join ( ',' ) )
42+ res . setHeader ( 'Access-Control-Max-Age' , String ( maxAge ) )
43+ }
6044
6145 return handler ( req , res , ...restArgs )
6246}
0 commit comments