CORS anyway (node http)

9/11/2017 - 5:03 AM

const CORS_ALLOW_METHODS = [
    'OPTIONS',
    'GET',
    'HEAD',
    'POST',
    'PUT',
    'PATCH',
    'DELETE'
];
const CORS_MAX_AGE = 86400;

function corsAnyway(req, res) {
    if (!req.headers.origin) {
        return;
    }

    if (req.method === 'OPTIONS') {
        res.setHeader('Access-Control-Max-Age', CORS_MAX_AGE);

        if (req.headers['access-control-request-method']) {
            res.setHeader('Access-Control-Allow-Methods', CORS_ALLOW_METHODS.join(', '));
        }

        if (req.headers['access-control-request-headers']) {
            res.setHeader('Access-Control-Allow-Headers', req.headers['access-control-request-headers']);
        }
    }

    res.setHeader('Access-Control-Allow-Origin', req.headers.origin);
    res.setHeader('Access-Control-Allow-Credentials', 'true');
}

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

CORS anyway (node http)