How to use the corser.simpleRequestHeaders function in corser

To help you get started, we’ve selected a few corser examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github derhuerst / db-rest / api.js View on Github external
const departures = require('./lib/departures')
const journeys = require('./lib/journeys')
const stations = require('./lib/stations')
const allStations = require('./lib/all-stations')



const api = express()
module.exports = api

api.use(hsts({maxAge: 24 * 60 * 60 * 1000}))

morgan.token('id', (req, res) => req.headers['x-identifier'] || shorthash(req.ip))
api.use(morgan(':date[iso] :id :method :url :status :response-time ms'))

const allowed = corser.simpleRequestHeaders.concat(['User-Agent', 'X-Identifier'])
api.use(corser.create({requestHeaders: allowed})) // CORS

api.use(compression())

api.use((req, res, next) => {
	if (!res.headersSent)
		res.setHeader('X-Powered-By', pkg.name + ' ' + pkg.homepage)
	next()
})



const noCache = nocache()

api.get('/stations/:id/departures', noCache, departures)
api.get('/journeys', noCache, journeys)
github local-npm / local-npm / lib / pouchdb-server-lite.js View on Github external
module.exports = function(options) {
    var port = options.pouchPort;
    var directory = path.resolve(options.directory);
    var app = express();
    var logger = new Logger(Logger.getLevel(options.logLevel));

    app.use(util.request(logger));
    app.use(compression());
    app.use(favicon(path.resolve(__dirname, '..', 'dist', 'favicon.ico')));

    app.use(corser.create({
        methods: ['GET', 'HEAD', 'POST', 'PUT', 'DELETE'],
        supportsCredentials: true,
        requestHeaders: corser.simpleRequestHeaders.concat(["Authorization", "Origin", "Referer"])
    }));

    // set up express-pouchdb with the prefix (directory)
    var ScopedPouchDB = PouchDB.defaults({
        prefix: directory + '/'
    });
    var configFile = path.resolve(directory, 'config.json');
    var logFile = path.resolve(directory, 'log.txt');
    // hacky, but there doesn't seem to be any other way to prefix the log file
    fs.writeFileSync(configFile, JSON.stringify({
        log: {
            file: logFile
        }
    }), 'utf-8');
    var pouchDBApp = expressPouchDB({
        configPath: configFile
github pouchdb / pouchdb-server / packages / node_modules / pouchdb-server / lib / cors.js View on Github external
methods: config.get('cors', 'methods').split(', '),
        supportsCredentials: config.get('cors', 'credentials'),
        requestHeaders: config.get('cors', 'headers').split(', '),
        origins: origins
      });
    } else {
      corsMiddleware = null;
    }
  }

  [
    ['httpd', 'enable_cors', true],
    ['cors', 'credentials', true],
    ['cors', 'methods', 'GET, HEAD, POST, PUT, DELETE, COPY'],
    ['cors', 'origins', '*'],
    ['cors', 'headers', corser.simpleRequestHeaders.concat([
      'Authorization', 'Origin', 'Referer'
    ]).join(', ')],
  ].forEach(function (info) {
    config.registerDefault.apply(config, info);
    config.on(info[0] + '.' + info[1], corsChanged);
  });
  corsChanged();

  return function (req, res, next) {
    if (!corsMiddleware) {
      return next();
    }
    corsMiddleware(req, res, next);
  };
};
github deployd / deployd / lib / util / http.js View on Github external
exports.setup = function(options, req, res, next) {
  var remoteHost = req.headers.origin
    , corsOpts = {supportsCredentials: true, methods: ALLOWED_METHODS, maxAge: 300};

  if(remoteHost) {
    corsOpts.origins = options.origins;
  } else {
    corsOpts.supportsCredentials = false;
  }
  corsOpts.responseHeaders = corser.simpleResponseHeaders.concat(["X-Session-Token", "X-Session-Invalidated"]).concat(options.allowedResponseHeaders || []);
  corsOpts.requestHeaders = corser.simpleRequestHeaders.concat(["X-Requested-With", "Authorization"]).concat(options.allowedRequestHeaders || []);
  if (options.allowCorsRootRequests) {
    corsOpts.requestHeaders.push("dpd-ssh-key");
  }

  var handler = corser.create(corsOpts);

  handler(req, res, function () {
    req.cookies = res.cookies = new Cookies(req, res);

    if(~req.url.indexOf('?')) {
      try {
        req.query = parseQuery(req.url);
        var m = req.query._method;
        if ( m ) {
            req.originalMethod = req.method;
            req.method = m.toUpperCase();

corser

A highly configurable, middleware compatible implementation of CORS.

MIT
Latest version published 8 years ago

Package Health Score

67 / 100
Full package analysis