38 lines
1.0 KiB
JavaScript
38 lines
1.0 KiB
JavaScript
|
/**
|
||
|
|
*
|
||
|
|
* @authors yutent (yutent@doui.cc)
|
||
|
|
* @date 2018-09-03 22:26:51
|
||
|
|
*/
|
||
|
|
|
||
|
|
'use strict'
|
||
|
|
|
||
|
|
module.exports = function(req, res, next) {
|
||
|
|
var supportCredentials = this.get('supportCredentials')
|
||
|
|
var credentialsRule = this.get('credentialsRule')
|
||
|
|
var credentialsMaxAge = this.get('credentialsMaxAge')
|
||
|
|
|
||
|
|
if (supportCredentials) {
|
||
|
|
var origin = req.header('origin') || req.header('referer') || ''
|
||
|
|
var headers = req.header('access-control-request-headers')
|
||
|
|
origin = Util.url.parse(origin)
|
||
|
|
|
||
|
|
if (credentialsRule && origin.hostname) {
|
||
|
|
if (!credentialsRule.test(origin.hostname)) {
|
||
|
|
return res.end('')
|
||
|
|
}
|
||
|
|
}
|
||
|
|
res.set('Access-Control-Allow-Credentials', 'true')
|
||
|
|
res.set('Access-Control-Allow-Origin', `${origin.protocol}//${origin.host}`)
|
||
|
|
if (headers) {
|
||
|
|
res.set('Access-Control-Allow-Headers', headers)
|
||
|
|
}
|
||
|
|
if (credentialsMaxAge) {
|
||
|
|
res.set('Access-Control-Max-Age', credentialsMaxAge)
|
||
|
|
}
|
||
|
|
if (req.method === 'OPTIONS') {
|
||
|
|
return res.end('')
|
||
|
|
}
|
||
|
|
}
|
||
|
|
next()
|
||
|
|
}
|