scratchfoundation/restify-cors-middleware
1
0
Fork 0
mirror of https://github.com/scratchfoundation/restify-cors-middleware.git synced 2024-12-18 03:43:09 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #40 from aahoughton/master

Browse source 
allow regexp for origins
This commit is contained in:
William Blankenship 2017-10-31 11:09:17 -07:00 committed by GitHub
commit dce35f4a8c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 12 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -31,12 +31,13 @@ server.use(cors.actual)
## Allowed origins
You can specify the full list of domains and subdomains allowed in your application:
You can specify the full list of domains and subdomains allowed in your application, using strings or regular expressions.
```js
origins: [
'http://myapp.com',
'http://*.myapp.com'
'http://*.myapp.com',
/^https?:\/\/myapp.com(:[\d]+)?$/
]
```

4
src/origin-matcher.js
View file

@ -13,7 +13,9 @@ exports.create = function (allowedOrigins) {
}
function createMatcher (allowedOrigin) {
if (allowedOrigin.indexOf('*') === -1) {
if (allowedOrigin instanceof RegExp) {
return requestOrigin => requestOrigin.match(allowedOrigin)
} else if (allowedOrigin.indexOf('*') === -1) {
// simple string comparison
return requestOrigin => requestOrigin === allowedOrigin
} else {

6
test/origin.spec.js
View file

@ -52,4 +52,10 @@ describe('Origin list', function () {
var matcher = originMatcher.create(list)
matcher('http://random-website.com').should.eql(false)
})
it('supports regular expressions', function () {
var list = ['http://api.myapp.com', /https?:\/\/example.com(:8888)?/]
var matcher = originMatcher.create(list)
matcher('https://example.com:8888').should.eql(true)
})
})