Permalink
Browse files

close #21 with cors() method

  • Loading branch information...
jeremydaly committed Apr 23, 2018
1 parent 41ff595 commit 04a355d6f1316d9f3291813d4dc620c86120e432
Showing with 107 additions and 0 deletions.
  1. +23 −0 lib/response.js
  2. +84 −0 test/headers.js
@@ -317,6 +317,29 @@ class RESPONSE {
// TODO: sendStatus


// Convenience method for setting CORS headers
cors(options) {
const opts = typeof options === 'object' ? options : {}

// Check for existing headers
let acao = this.getHeader('Access-Control-Allow-Origin')
let acam = this.getHeader('Access-Control-Allow-Methods')
let acah = this.getHeader('Access-Control-Allow-Headers')

// Default CORS headers
this.header('Access-Control-Allow-Origin',opts.origin ? opts.origin : (acao ? acao : '*'))
this.header('Access-Control-Allow-Methods',opts.methods ? opts.methods : (acam ? acam : 'GET, PUT, POST, DELETE, OPTIONS'))
this.header('Access-Control-Allow-Headers',opts.headers ? opts.headers : (acah ? acah : 'Content-Type, Authorization, Content-Length, X-Requested-With'))

// Optional CORS headers
if(opts.maxAge && !isNaN(opts.maxAge)) this.header('Access-Control-Max-Age',(opts.maxAge/1000|0).toString())
if(opts.credentials) this.header('Access-Control-Allow-Credentials',opts.credentials.toString())
if(opts.exposeHeaders) this.header('Access-Control-Expose-Headers',opts.exposeHeaders)

return this
}



// Sends the request to the main callback
send(body) {
@@ -49,6 +49,28 @@ api.get('/getHeader', function(req,res) {
})
})

api.get('/cors', function(req,res) {
res.cors().json({})
})

api.get('/corsCustom', function(req,res) {
res.cors({
origin: 'example.com',
methods: 'GET, OPTIONS',
headers: 'Content-Type, Authorization',
maxAge: 84000000,
credentials: true,
exposeHeaders: 'Content-Type'
}).json({})
})

api.get('/corsOverride', function(req,res) {
res.cors().cors({
origin: 'example.com',
credentials: true
}).json({})
})


/******************************************************************************/
/*** BEGIN TESTS ***/
@@ -104,4 +126,66 @@ describe('Header Tests:', function() {
})
}) // end it


it('Add Default CORS Headers', function() {
let _event = Object.assign({},event,{ path: '/cors'})

return new Promise((resolve,reject) => {
api.run(_event,{},function(err,res) { resolve(res) })
}).then((result) => {
expect(result).to.deep.equal({
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Headers': 'Content-Type, Authorization, Content-Length, X-Requested-With',
'Access-Control-Allow-Methods': 'GET, PUT, POST, DELETE, OPTIONS',
'Access-Control-Allow-Origin': '*'
}, statusCode: 200,
body: '{}',
isBase64Encoded: false
})
})
}) // end it

it('Add Custom CORS Headers', function() {
let _event = Object.assign({},event,{ path: '/corsCustom'})

return new Promise((resolve,reject) => {
api.run(_event,{},function(err,res) { resolve(res) })
}).then((result) => {
expect(result).to.deep.equal({
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Headers': 'Content-Type, Authorization',
'Access-Control-Allow-Methods': 'GET, OPTIONS',
'Access-Control-Allow-Origin': 'example.com',
'Access-Control-Allow-Credentials': 'true',
'Access-Control-Expose-Headers': 'Content-Type',
'Access-Control-Max-Age': '84000'
}, statusCode: 200,
body: '{}',
isBase64Encoded: false
})
})
}) // end it

it('Override CORS Headers', function() {
let _event = Object.assign({},event,{ path: '/corsOverride'})

return new Promise((resolve,reject) => {
api.run(_event,{},function(err,res) { resolve(res) })
}).then((result) => {
expect(result).to.deep.equal({
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Headers': 'Content-Type, Authorization, Content-Length, X-Requested-With',
'Access-Control-Allow-Methods': 'GET, PUT, POST, DELETE, OPTIONS',
'Access-Control-Allow-Origin': 'example.com',
'Access-Control-Allow-Credentials': 'true'
}, statusCode: 200,
body: '{}',
isBase64Encoded: false
})
})
}) // end it

}) // end HEADER tests

0 comments on commit 04a355d

Please sign in to comment.