2018-10-23 23:45:42 +08:00
|
|
|
'use strict';
|
|
|
|
|
2018-04-03 21:32:29 +08:00
|
|
|
module.exports = function cors () {
|
2018-03-02 01:46:04 +08:00
|
|
|
return function corsMiddleware (req, res, next) {
|
2018-04-03 21:32:29 +08:00
|
|
|
const headers = [
|
|
|
|
'X-Requested-With',
|
|
|
|
'X-Prototype-Version',
|
2019-01-10 23:56:07 +08:00
|
|
|
'X-CSRF-Token',
|
|
|
|
'Authorization'
|
2018-04-03 21:32:29 +08:00
|
|
|
];
|
2018-03-02 01:46:04 +08:00
|
|
|
|
2018-04-03 21:32:29 +08:00
|
|
|
if (req.method === 'OPTIONS') {
|
|
|
|
headers.push('Content-Type');
|
2015-07-08 19:27:56 +08:00
|
|
|
}
|
2018-03-02 01:46:04 +08:00
|
|
|
|
2019-10-22 01:07:24 +08:00
|
|
|
res.set('Access-Control-Allow-Origin', '*');
|
|
|
|
res.set('Access-Control-Allow-Headers', headers.join(', '));
|
2018-03-02 01:46:04 +08:00
|
|
|
|
2015-07-08 19:27:56 +08:00
|
|
|
next();
|
|
|
|
};
|
2015-09-17 08:03:09 +08:00
|
|
|
};
|