Package Exports
- koa2-cors
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (koa2-cors) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
koa2-cors
install
it requires node v7.6.0 or higher now
npm install --save koa2-corsUsage
var Koa = require('koa');
var cors = require('koa2-cors');
var app = new Koa();
app.use(cors());Options
origin
Configures the Access-Control-Allow-Origin CORS header. expects a string. Can also be set to a function, which takes the ctx as the first parameter.
exposeHeaders
Configures the Access-Control-Expose-Headers CORS header. Expects a comma-delimited array.
maxAge
Configures the Access-Control-Max-Age CORS header. Expects a Number.
credentials
Configures the Access-Control-Allow-Credentials CORS header. Expects a Boolean.
allowMethods
Configures the Access-Control-Allow-Methods CORS header. Expects a comma-delimited array , If not specified, default allowMethods is ['GET', 'PUT', 'POST', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'].
allowHeaders
Configures the Access-Control-Allow-Headers CORS header. Expects a comma-delimited array . If not specified, defaults to reflecting the headers specified in the request's Access-Control-Request-Headers header.
var Koa = require('koa');
var cors = require('koa2-cors');
var app = new Koa();
app.use(cors({
origin: function(ctx) {
if (ctx.url === '/test') {
return false;
}
return '*';
},
exposeHeaders: ['WWW-Authenticate', 'Server-Authorization'],
maxAge: 5,
credentials: true,
allowMethods: ['GET', 'POST', 'DELETE'],
allowHeaders: ['Content-Type', 'Authorization', 'Accept'],
}));
...