CORS middleware for Hattip
@hattip/corsCross-Origin Resource Sharing(CORS) middleware for Hattip.
``jsAccess-Control-Allow-Origin
export interface CorsOptions {
/* , default is request Origin header /Access-Control-Allow-Methods
origin?:
| string
| ((ctx: RequestContext) => string | false | Promise
/* , default is 'GET,HEAD,PUT,POST,DELETE,PATCH' /Access-Control-Expose-Headers
allowMethods?: string | string[] | null;
/* /Access-Control-Allow-Headers
exposeHeaders?: string | string[];
/* /Access-Control-Max-Age
allowHeaders?: string | string[];
/* in seconds /Access-Control-Allow-Credentials
maxAge?: string | number;
/* /Cross-Origin-Opener-Policy
credentials?: boolean | ((ctx: RequestContext) => boolean | Promise
/**
* & Cross-Origin-Embedder-Policy headers.',Access-Control-Request-Private-Network
* default is false
*
* @see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/SharedArrayBuffer/Planned_changes
*/
secureContext?: boolean;
/**
* Handle request by return Access-Control-Allow-Private-Network, default to false``
* @see https://wicg.github.io/private-network-access/
*/
privateNetworkAccess?: boolean;
}
- This is a port of koajs/cors by koajs and contributors under the MIT License. They are not affiliated with Hattip.
- Hattip port by Fatih Aygün under the MIT License.