mirror of
https://github.com/scratchfoundation/restify-cors-middleware.git
synced 2024-12-21 13:22:26 -05:00
Merge pull request #3 from TabDigital/Max-age-support
Add option to specify the preflight max age
This commit is contained in:
commit
1454782381
3 changed files with 18 additions and 3 deletions
|
@ -8,6 +8,7 @@
|
||||||
var corsMiddleware = require('restify-cors-middleware');
|
var corsMiddleware = require('restify-cors-middleware');
|
||||||
|
|
||||||
var cors = corsMiddleware({
|
var cors = corsMiddleware({
|
||||||
|
preflightMaxAge: 5 //Optional
|
||||||
origins: ['http://api.myapp.com', 'http://web.myapp.com'],
|
origins: ['http://api.myapp.com', 'http://web.myapp.com'],
|
||||||
allowHeaders: ['API-Token'],
|
allowHeaders: ['API-Token'],
|
||||||
exposeHeaders: ['API-Token-Expiry']
|
exposeHeaders: ['API-Token-Expiry']
|
||||||
|
|
|
@ -42,6 +42,11 @@ exports.handler = function(options) {
|
||||||
res.header('Access-Control-Allow-Origin', originHeader);
|
res.header('Access-Control-Allow-Origin', originHeader);
|
||||||
res.header('Access-Control-Allow-Credentials', true);
|
res.header('Access-Control-Allow-Credentials', true);
|
||||||
|
|
||||||
|
// 6.2.8
|
||||||
|
if (options.preflightMaxAge) {
|
||||||
|
res.header('Access-Control-Max-Age', options.preflightMaxAge);
|
||||||
|
}
|
||||||
|
|
||||||
// 6.2.9
|
// 6.2.9
|
||||||
res.header('Access-Control-Allow-Methods', allowedMethods.join(', '));
|
res.header('Access-Control-Allow-Methods', allowedMethods.join(', '));
|
||||||
|
|
||||||
|
@ -54,4 +59,3 @@ exports.handler = function(options) {
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -84,8 +84,18 @@ describe('CORS: preflight requests', function() {
|
||||||
.end(done);
|
.end(done);
|
||||||
});
|
});
|
||||||
|
|
||||||
xit('6.2.8 Access-Control-Max-Age not supported', function(done) {
|
it('6.2.8 Set the Access-Control-Max-Age header if a max age is provided', function(done) {
|
||||||
done();
|
var server = test.corsServer({
|
||||||
|
preflightMaxAge: 5,
|
||||||
|
origins: ['http://api.myapp.com', 'http://www.myapp.com']
|
||||||
|
});
|
||||||
|
request(server)
|
||||||
|
.options('/test')
|
||||||
|
.set('Origin', 'http://api.myapp.com')
|
||||||
|
.set('Access-Control-Request-Method', 'GET')
|
||||||
|
.expect('Access-Control-Max-Age', '5')
|
||||||
|
.expect(204)
|
||||||
|
.end(done);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('6.2.9 Set the Allow-Method header', function(done) {
|
it('6.2.9 Set the Allow-Method header', function(done) {
|
||||||
|
|
Loading…
Reference in a new issue