seepur/config/cors.js
2020-01-13 20:57:43 -05:00

87 lines
2.6 KiB
JavaScript

'use strict'
module.exports = {
/*
|--------------------------------------------------------------------------
| Origin
|--------------------------------------------------------------------------
|
| Set a list of origins to be allowed. The value can be one of the following
|
| Boolean: true - Allow current request origin
| Boolean: false - Disallow all
| String - Comma seperated list of allowed origins
| Array - An array of allowed origins
| String: * - A wildcard to allow current request origin
| Function - Receives the current origin and should return one of the above values.
|
*/
origin: false,
/*
|--------------------------------------------------------------------------
| Methods
|--------------------------------------------------------------------------
|
| HTTP methods to be allowed. The value can be one of the following
|
| String - Comma seperated list of allowed methods
| Array - An array of allowed methods
|
*/
methods: ['GET', 'PUT', 'PATCH', 'POST', 'DELETE'],
/*
|--------------------------------------------------------------------------
| Headers
|--------------------------------------------------------------------------
|
| List of headers to be allowed via Access-Control-Request-Headers header.
| The value can be on of the following.
|
| Boolean: true - Allow current request headers
| Boolean: false - Disallow all
| String - Comma seperated list of allowed headers
| Array - An array of allowed headers
| String: * - A wildcard to allow current request headers
| Function - Receives the current header and should return one of the above values.
|
*/
headers: true,
/*
|--------------------------------------------------------------------------
| Expose Headers
|--------------------------------------------------------------------------
|
| A list of headers to be exposed via `Access-Control-Expose-Headers`
| header. The value can be on of the following.
|
| Boolean: false - Disallow all
| String: Comma seperated list of allowed headers
| Array - An array of allowed headers
|
*/
exposeHeaders: false,
/*
|--------------------------------------------------------------------------
| Credentials
|--------------------------------------------------------------------------
|
| Define Access-Control-Allow-Credentials header. It should always be a
| boolean.
|
*/
credentials: false,
/*
|--------------------------------------------------------------------------
| MaxAge
|--------------------------------------------------------------------------
|
| Define Access-Control-Allow-Max-Age
|
*/
maxAge: 90
}