ThomasBurleson
7/9/2014 - 1:21 PM

CORS checking with NodeJS

CORS checking with NodeJS

function unkMH(req, res) {
  var allowHeaders;

  if (req.method.toLowerCase() === 'options') {
    allowHeaders = ['Accept', 'Accept-Version', 'Content-Type', 'Api-Version', 'Authorization'];
    if (res.methods.indexOf('OPTIONS') === -1) {
      res.methods.push('OPTIONS');
    }
    res.header('Access-Control-Allow-Credentials', true);
    res.header('Access-Control-Allow-Headers', allowHeaders.join(', '));
    res.header('Access-Control-Allow-Methods', res.methods.join(', '));
    res.header('Access-Control-Allow-Origin', req.headers.origin);
    return res.send(204);
  } else {
    return res.send(new restify.MethodNotAllowedError());
  }
};