/
index.coffee
33 lines (31 loc) · 1.25 KB
/
index.coffee
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
module.exports = (server, opts) ->
headers = 'X-Requested-With, Cookie, Set-Cookie, Accept, Access-Control-Allow-Credentials, Origin, Content-Type, Request-Id , X-Api-Version, X-Request-Id, Authorization'
headers += ', ' + opts.headers if opts?.headers
# CORS headers
server.use (req, res, next) ->
if req.headers.origin
res.header 'Access-Control-Allow-Origin', req.headers.origin
res.header 'Access-Control-Allow-Credentials', 'true'
res.header 'Access-Control-Allow-Headers', headers
res.header 'Access-Control-Expose-Headers', 'Set-Cookie'
next()
# Preflight requests
server.opts '.*', (req, res, next) ->
if req.headers.origin and req.headers['access-control-request-method']
res.header 'Access-Control-Allow-Origin', req.headers.origin
res.header 'Access-Control-Allow-Credentials', 'true'
res.header 'Access-Control-Allow-Headers', headers
res.header 'Access-Control-Expose-Headers', 'Set-Cookie'
requestMethod = req.headers['access-control-request-method']
res.header 'Allow', requestMethod
res.header 'Access-Control-Allow-Methods', requestMethod
if req.log
req.log.info
url: req.url
method: req.headers['access-control-request-method']
, "Preflight"
res.send 204
next()
else
res.send 404
next()