-
-
Notifications
You must be signed in to change notification settings - Fork 44
/
Copy pathcors.d.ts
71 lines (66 loc) · 2.26 KB
/
cors.d.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
import type { ServerRequest, Params } from 'worktop/request';
import type { ServerResponse } from 'worktop/response';
export interface Config {
/**
* The specific origin to allow.
* Sets the `Access-Control-Allow-Origin` header.
* @default "*" – Allows all origins by default.
* @example "https://example.com"
*/
origin: string;
/**
* The duration (in seconds) that a preflight results can be cached.
* Sets the `Access-Control-Max-Age` header.
* @example 3600 – Caches for 1 hour
*/
maxage?: number;
/**
* The methods allowed when accessing the resource
* Sets the `Access-Control-Allow-Methods` header.
* @default ['GET','HEAD','PUT','PATCH','POST','DELETE']
*/
methods?: string[];
/**
* Whether or not the actual request can be made using credentials.
* Sets the `Access-Control-Allow-Credentials` header.
* @default false
*/
credentials?: boolean;
/**
* The HTTP headers that can be used when making the actual request.
* Sets the `Access-Control-Allow-Headers` header.
* @default request.headers.get('Access-Control-Request-Headers') || []
*/
headers?: string[];
/**
* The HTTP response header names that a client is allowed to access.
* Sets the `Access-Control-Expose-Headers` header.
* @default []
*/
expose?: string[];
}
/**
* The defaults used for CORS construction.
*/
export const config: Config;
/**
* Apply CORS headers.
* Conditionallyy sets headers for preflight (aka OPTIONS) requests.
* @NOTE Values in `options` are given priority, otherwise the `config` defaults are used.
*/
export function headers(res: ServerResponse, options?: Partial<Config>, isPreflight?: boolean): void;
type PreflightConfig = Omit<Config, 'origin'> & {
/**
* When a string, only requests from the specified value are allowed.
* When `true`, the incoming `Origin` header will always be allowed.
* When a RegExp, matching `Origin` header values will be allowed.
* When `false`, allows any origin – equivalent to `"*"` value.
* @default "*"
*/
origin?: string | boolean | RegExp;
}
/**
* Apply all CORS headers (see `headers` export)
* Will also handle preflight (aka, OPTIONS) requests.
*/
export function preflight(options?: PreflightConfig): <P extends Params = Params>(req: ServerRequest<P>, res: ServerResponse) => void;