1 | 'use strict';
|
2 |
|
3 | const _ = require('lodash');
|
4 |
|
5 | const HeaderDate = 'Date';
|
6 |
|
7 | const RequestID = 'X-Fc-Request-Id';
|
8 |
|
9 | const CORSMaxAgeSeconds = '3600';
|
10 |
|
11 |
|
12 | const InvocationError = 'x-fc-error-type';
|
13 |
|
14 |
|
15 | const InvocationLogResult = 'x-fc-log-result';
|
16 |
|
17 |
|
18 | const MaxMemoryUsage = 'x-fc-max-memory-usage';
|
19 |
|
20 |
|
21 | const InvocationDuration = 'x-fc-invocation-duration';
|
22 |
|
23 |
|
24 | const InvocationCodeChecksum = 'x-fc-code-checksum';
|
25 |
|
26 | const InvocationCodeVersion = 'x-fc-invocation-code-version';
|
27 |
|
28 | const exposedHeaders = [HeaderDate, RequestID, InvocationError, InvocationCodeChecksum, InvocationDuration, MaxMemoryUsage, InvocationLogResult, InvocationCodeVersion];
|
29 |
|
30 | const CORSExposedHeaders = _.join(exposedHeaders, ',');
|
31 |
|
32 | function setCORSHeaders(req, res, next) {
|
33 |
|
34 | const origin = req.headers.origin;
|
35 | if (origin) {
|
36 | res.header('Access-Control-Allow-Origin', origin);
|
37 | }
|
38 |
|
39 | if (req.headers['access-control-request-method']) {
|
40 | res.header('Access-Control-Allow-Methods', req.headers['access-control-request-method']);
|
41 | }
|
42 |
|
43 | if (req.headers['access-control-request-headers']) {
|
44 | res.header('Access-Control-Allow-Headers', req.headers['access-control-request-headers']);
|
45 | }
|
46 |
|
47 | res.header('Access-Control-Expose-Headers', CORSExposedHeaders);
|
48 |
|
49 | if (_.toLower(req.method) === 'options') {
|
50 | res.header('Access-Control-Max-Age', CORSMaxAgeSeconds);
|
51 |
|
52 | res.sendStatus(200);
|
53 | } else {
|
54 | return next();
|
55 | }
|
56 | }
|
57 | module.exports = { setCORSHeaders };
|