core/middleware/cors.js

/**
 * 跨域中间件
 * @author yutent<yutent.io@gmail.com>
 * @date 2020/09/18 14:55:49
 */

import url from 'url'

export default function(req, res, next) {
  var CORS = this.get('cors')

  if (CORS.enabled) {
    var origin = req.header('origin') || req.header('referer') || ''
    var headers = req.header('access-control-request-headers')
    var { hostname, host, protocol } = url.parse(origin)

    if (CORS.origin.length && hostname) {
      if (!CORS.origin.includes(hostname)) {
        return res.end('')
      }
    }
    res.set('Access-Control-Allow-Credentials', 'true')
    res.set('Access-Control-Allow-Origin', `${protocol}//${host}`)

    if (headers) {
      res.set('Access-Control-Allow-Headers', headers)
    }

    if (CORS.maxAge) {
      res.set('Access-Control-Max-Age', CORS.maxAge)
    }

    if (req.method === 'OPTIONS') {
      return res.end('')
    }
  }
  next()
}
init 2020-09-15 18:35:00 +08:00			`/**`
更新依赖引入 2020-09-18 18:14:47 +08:00			`* 跨域中间件`
			`* @author yutent<yutent.io@gmail.com>`
			`* @date 2020/09/18 14:55:49`
init 2020-09-15 18:35:00 +08:00			`*/`

更新依赖引入 2020-09-18 18:14:47 +08:00			`import url from 'url'`
init 2020-09-15 18:35:00 +08:00
更新git及依赖 2020-09-16 14:08:06 +08:00			`export default function(req, res, next) {`
优化中间件/路由/跨域 2020-09-22 19:58:29 +08:00			`var CORS = this.get('cors')`
init 2020-09-15 18:35:00 +08:00
优化中间件/路由/跨域 2020-09-22 19:58:29 +08:00			`if (CORS.enabled) {`
init 2020-09-15 18:35:00 +08:00			`var origin = req.header('origin') \|\| req.header('referer') \|\| ''`
			`var headers = req.header('access-control-request-headers')`
优化中间件/路由/跨域 2020-09-22 19:58:29 +08:00			`var { hostname, host, protocol } = url.parse(origin)`
init 2020-09-15 18:35:00 +08:00
优化中间件/路由/跨域 2020-09-22 19:58:29 +08:00			`if (CORS.origin.length && hostname) {`
			`if (!CORS.origin.includes(hostname)) {`
init 2020-09-15 18:35:00 +08:00			`return res.end('')`
			`}`
			`}`
			`res.set('Access-Control-Allow-Credentials', 'true')`
优化中间件/路由/跨域 2020-09-22 19:58:29 +08:00			res.set('Access-Control-Allow-Origin', `${protocol}//${host}`)

init 2020-09-15 18:35:00 +08:00			`if (headers) {`
			`res.set('Access-Control-Allow-Headers', headers)`
			`}`
优化中间件/路由/跨域 2020-09-22 19:58:29 +08:00
			`if (CORS.maxAge) {`
			`res.set('Access-Control-Max-Age', CORS.maxAge)`
init 2020-09-15 18:35:00 +08:00			`}`
优化中间件/路由/跨域 2020-09-22 19:58:29 +08:00
init 2020-09-15 18:35:00 +08:00			`if (req.method === 'OPTIONS') {`
			`return res.end('')`
			`}`
			`}`
			`next()`
			`}`