core/middleware/cors.js

/**
 * 跨域中间件
 * @author yutent<yutent.io@gmail.com>
 * @date 2020/09/18 14:55:49
 */

import { parse } from 'node:url'

export function createCors() {
  return function (req, res, next) {
    let opts = this.get('cors')

    if (opts.enabled) {
      let origin = req.headers['origin'] || req.headers['referer'] || ''
      let headers = req.headers['access-control-request-headers']

      if (!origin) {
        return next()
      }
      let { hostname, host, protocol } = parse(origin)

      if (opts.origin.length) {
        let pass = false
        for (let it of opts.origin) {
          if (hostname.endsWith(it)) {
            pass = true
            break
          }
        }
        if (pass === false) {
          return (res.body = null)
        }
      }
      if (opts.credentials) {
        res.set('Access-Control-Allow-Credentials', 'true')
      }

      res.set('Access-Control-Allow-Origin', `${protocol}//${host}`)
      res.set('Access-Control-Allow-Methods', '*')

      if (headers) {
        res.set('Access-Control-Allow-Headers', headers)
      }

      if (opts.maxAge) {
        res.set('Access-Control-Max-Age', opts.maxAge)
      }

      if (req.method === 'OPTIONS') {
        return (res.body = null)
      }
    }
    next()
  }
}
init 2020-09-15 18:35:00 +08:00			`/**`
更新依赖引入 2020-09-18 18:14:47 +08:00			`* 跨域中间件`
			`* @author yutent<yutent.io@gmail.com>`
			`* @date 2020/09/18 14:55:49`
init 2020-09-15 18:35:00 +08:00			`*/`

一波重构 2023-10-27 19:16:59 +08:00			`import { parse } from 'node:url'`

			`export function createCors() {`
			`return function (req, res, next) {`
依赖更新; 模块更新 2023-11-01 18:46:47 +08:00			`let opts = this.get('cors')`
一波重构 2023-10-27 19:16:59 +08:00
			`if (opts.enabled) {`
修复跨域中间件 2023-11-08 09:33:12 +08:00			`let origin = req.headers['origin'] \|\| req.headers['referer'] \|\| ''`
			`let headers = req.headers['access-control-request-headers']`
优化跨域逻辑 2024-06-27 18:38:01 +08:00
			`if (!origin) {`
			`return next()`
			`}`
依赖更新; 模块更新 2023-11-01 18:46:47 +08:00			`let { hostname, host, protocol } = parse(origin)`
一波重构 2023-10-27 19:16:59 +08:00
优化跨域逻辑 2024-06-27 18:38:01 +08:00			`if (opts.origin.length) {`
依赖更新; 模块更新 2023-11-01 18:46:47 +08:00			`let pass = false`
一波重构 2023-10-27 19:16:59 +08:00			`for (let it of opts.origin) {`
			`if (hostname.endsWith(it)) {`
			`pass = true`
			`break`
			`}`
			`}`
			`if (pass === false) {`
修复跨域中间件 2023-11-08 09:33:12 +08:00			`return (res.body = null)`
优化跨域配置;更新文档 2020-09-30 14:25:08 +08:00			`}`
			`}`
一波重构 2023-10-27 19:16:59 +08:00			`if (opts.credentials) {`
			`res.set('Access-Control-Allow-Credentials', 'true')`
init 2020-09-15 18:35:00 +08:00			`}`
优化跨域配置;更新文档 2020-09-30 14:25:08 +08:00
一波重构 2023-10-27 19:16:59 +08:00			res.set('Access-Control-Allow-Origin', `${protocol}//${host}`)
Update middleware/cors.js 2024-02-23 20:54:26 +08:00			`res.set('Access-Control-Allow-Methods', '*')`
优化中间件/路由/跨域 2020-09-22 19:58:29 +08:00
一波重构 2023-10-27 19:16:59 +08:00			`if (headers) {`
			`res.set('Access-Control-Allow-Headers', headers)`
			`}`
优化中间件/路由/跨域 2020-09-22 19:58:29 +08:00
一波重构 2023-10-27 19:16:59 +08:00			`if (opts.maxAge) {`
			`res.set('Access-Control-Max-Age', opts.maxAge)`
			`}`
优化中间件/路由/跨域 2020-09-22 19:58:29 +08:00
一波重构 2023-10-27 19:16:59 +08:00			`if (req.method === 'OPTIONS') {`
修复跨域中间件 2023-11-08 09:33:12 +08:00			`return (res.body = null)`
一波重构 2023-10-27 19:16:59 +08:00			`}`
init 2020-09-15 18:35:00 +08:00			`}`
一波重构 2023-10-27 19:16:59 +08:00			`next()`
init 2020-09-15 18:35:00 +08:00			`}`
			`}`