1 |
|
2 |
|
3 |
|
4 |
|
5 |
|
6 |
|
7 | 'use strict';
|
8 |
|
9 |
|
10 |
|
11 |
|
12 |
|
13 |
|
14 | function cors() {
|
15 | return async (req, res) => {
|
16 | const origin = req.headers.origin != null
|
17 | ? req.headers.origin
|
18 | : '*';
|
19 |
|
20 | res.setHeader('Access-Control-Allow-Origin', origin);
|
21 | res.setHeader('Access-Control-Allow-Credentials', 'true');
|
22 | res.setHeader(
|
23 | 'Access-Control-Allow-Methods',
|
24 | 'GET,HEAD,PUT,PATCH,POST,DELETE');
|
25 | res.setHeader('Access-Control-Allow-Headers', 'Authorization');
|
26 |
|
27 | if (req.method === 'OPTIONS') {
|
28 | res.setStatus(200);
|
29 | res.end();
|
30 | return;
|
31 | }
|
32 | };
|
33 | }
|
34 |
|
35 |
|
36 |
|
37 |
|
38 |
|
39 | module.exports = cors;
|