tabshift/payloadcms
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

supports wildcard cors header

Browse Source
This commit is contained in:
James
2020-07-28 19:46:53 -04:00
parent f5b55ddbb4
commit 298948b203
1 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/express/middleware/index.js
View File

@@ -28,13 +28,14 @@ const middleware = (payload) => [
},
(req, res, next) => {
if (payload.config.cors) {
if (payload.config.cors.indexOf(req.headers.origin) > -1) {
res.setHeader('Access-Control-Allow-Origin', req.headers.origin);
res.header('Access-Control-Allow-Methods', 'PUT, POST, GET, DELETE, OPTIONS');
}
res.header('Access-Control-Allow-Headers', 'Origin X-Requested-With, Content-Type, Accept, Authorization');
res.header('Access-Control-Allow-Headers',
'Origin X-Requested-With, Content-Type, Accept, Authorization');
if (payload.config.cors === '*') {
res.setHeader('Access-Control-Allow-Origin', '*');
} else if (Array.isArray(payload.config.cors) && payload.config.cors.indexOf(req.headers.origin) > -1) {
res.setHeader('Access-Control-Allow-Origin', req.headers.origin);
}
}
next();