scratchfoundation/restify-cors-middleware
1
0
Fork 0
mirror of https://github.com/scratchfoundation/restify-cors-middleware.git synced 2024-12-18 03:43:09 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add option to specify the preflight max age

Browse source
This commit is contained in:
nguyenchr 2014-10-10 18:14:36 +11:00
parent f07428823e
commit 5ce0bf7764
3 changed files with 18 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -8,6 +8,7 @@
var corsMiddleware = require('restify-cors-middleware');
var cors = corsMiddleware({
preflightMaxAge: 5 //Optional
origins: ['http://api.myapp.com', 'http://web.myapp.com'],
allowHeaders: ['API-Token'],
exposeHeaders: ['API-Token-Expiry']

6
src/preflight.js
View file

@ -42,6 +42,11 @@ exports.handler = function(options) {
res.header('Access-Control-Allow-Origin', originHeader);
res.header('Access-Control-Allow-Credentials', true);
// 6.2.8
if (options.preflightMaxAge) {
res.header('Access-Control-Max-Age', options.preflightMaxAge);
}
// 6.2.9
res.header('Access-Control-Allow-Methods', allowedMethods.join(', '));
@ -54,4 +59,3 @@ exports.handler = function(options) {
};
};

14
test/cors.preflight.spec.js
View file

@ -84,8 +84,18 @@ describe('CORS: preflight requests', function() {
.end(done);
});
xit('6.2.8 Access-Control-Max-Age not supported', function(done) {
done();
it('6.2.8 Set the Access-Control-Max-Age header if a max age is provided', function(done) {
var server = test.corsServer({
preflightMaxAge: 5,
origins: ['http://api.myapp.com', 'http://www.myapp.com']
});
request(server)
.options('/test')
.set('Origin', 'http://api.myapp.com')
.set('Access-Control-Request-Method', 'GET')
.expect('Access-Control-Max-Age', '5')
.expect(204)
.end(done);
});
it('6.2.9 Set the Allow-Method header', function(done) {