Startseite Erkunden Hilfe
Registrieren Anmelden
yishanyou
/
GongFuServer
3
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Struktur: 57561ee3da
Branches Tags
GongFuServer
/
webServer
/
node_modules
/
koa2-cors
/
dist
/
index.js

index.js 3.0 KB
Verlauf Originalformat

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697 
  1. /**
    2. 

  2.  * CORS middleware for koa2
    3. 

  3.  *
    4. 

  4.  * @param {Object} [options]
    5. 

  5.  *  - {String|Function(ctx)} origin `Access-Control-Allow-Origin`, default is request Origin header
    6. 

  6.  *  - {Array} exposeHeaders `Access-Control-Expose-Headers`
    7. 

  7.  *  - {String|Number} maxAge `Access-Control-Max-Age` in seconds
    8. 

  8.  *  - {Boolean} credentials `Access-Control-Allow-Credentials`
    9. 

  9.  *  - {Array} allowMethods `Access-Control-Allow-Methods`,
    10. 

  10.  *    default is ['GET', 'PUT', 'POST', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS']
    11. 

  11.  *  - {Array} allowHeaders `Access-Control-Allow-Headers`
    12. 

  12.  * @return {Function}
    13. 

  13.  * @api public
    14. 

  14.  */
    15. 

  15. module.exports = function crossOrigin(options = {}) {
    16. 

  16.   const defaultOptions = {
    17. 

  17.     allowMethods: ['GET', 'PUT', 'POST', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS']
    18. 

  18.   };
    19. 

  19. 

  20.   // set defaultOptions to options
    21. 

  21.   options = Object.assign({}, defaultOptions, options); // eslint-disable-line no-param-reassign
    22. 

  22. 

  23.   // eslint-disable-next-line consistent-return
    24. 

  24.   return async function cors(ctx, next) {
    25. 

  25.     // always set vary Origin Header
    26. 

  26.     // https://github.com/rs/cors/issues/10
    27. 

  27.     ctx.vary('Origin');
    28. 

  28. 

  29.     let origin;
    30. 

  30.     if (typeof options.origin === 'function') {
    31. 

  31.       origin = options.origin(ctx);
    32. 

  32.     } else {
    33. 

  33.       origin = options.origin || ctx.get('Origin') || '*';
    34. 

  34.     }
    35. 

  35.     if (!origin) {
    36. 

  36.       return await next();
    37. 

  37.     }
    38. 

  38. 

  39.     // Access-Control-Allow-Origin
    40. 

  40.     ctx.set('Access-Control-Allow-Origin', origin);
    41. 

  41. 

  42.     if (ctx.method === 'OPTIONS') {
    43. 

  43.       // Preflight Request
    44. 

  44.       if (!ctx.get('Access-Control-Request-Method')) {
    45. 

  45.         return await next();
    46. 

  46.       }
    47. 

  47. 

  48.       // Access-Control-Max-Age
    49. 

  49.       if (options.maxAge) {
    50. 

  50.         ctx.set('Access-Control-Max-Age', String(options.maxAge));
    51. 

  51.       }
    52. 

  52. 

  53.       // Access-Control-Allow-Credentials
    54. 

  54.       if (options.credentials === true) {
    55. 

  55.         // When used as part of a response to a preflight request,
    56. 

  56.         // this indicates whether or not the actual request can be made using credentials.
    57. 

  57.         ctx.set('Access-Control-Allow-Credentials', 'true');
    58. 

  58.       }
    59. 

  59. 

  60.       // Access-Control-Allow-Methods
    61. 

  61.       if (options.allowMethods) {
    62. 

  62.         ctx.set('Access-Control-Allow-Methods', options.allowMethods.join(','));
    63. 

  63.       }
    64. 

  64. 

  65.       // Access-Control-Allow-Headers
    66. 

  66.       if (options.allowHeaders) {
    67. 

  67.         ctx.set('Access-Control-Allow-Headers', options.allowHeaders.join(','));
    68. 

  68.       } else {
    69. 

  69.         ctx.set('Access-Control-Allow-Headers', ctx.get('Access-Control-Request-Headers'));
    70. 

  70.       }
    71. 

  71. 

  72.       ctx.status = 204; // No Content
    73. 

  73.     } else {
    74. 

  74.       // Request
    75. 

  75.       // Access-Control-Allow-Credentials
    76. 

  76.       if (options.credentials === true) {
    77. 

  77.         if (origin === '*') {
    78. 

  78.           // `credentials` can't be true when the `origin` is set to `*`
    79. 

  79.           ctx.remove('Access-Control-Allow-Credentials');
    80. 

  80.         } else {
    81. 

  81.           ctx.set('Access-Control-Allow-Credentials', 'true');
    82. 

  82.         }
    83. 

  83.       }
    84. 

  84. 

  85.       // Access-Control-Expose-Headers
    86. 

  86.       if (options.exposeHeaders) {
    87. 

  87.         ctx.set('Access-Control-Expose-Headers', options.exposeHeaders.join(','));
    88. 

  88.       }
    89. 

  89. 

  90.       try {
    91. 

  91.         await next();
    92. 

  92.       } catch (err) {
    93. 

  93.         throw err;
    94. 

  94.       }
    95. 

  95.     }
    96. 

  96.   };
    97. 

  97. };
    98.