Need help with egg-cors?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

eggjs
142 Stars 13 Forks MIT License 31 Commits 3 Opened issues

Description

CORS plugin for egg

Services available

!
?

Need anything else?

Contributors list

egg-cors

NPM version build status Test coverage David deps Known Vulnerabilities npm download

CORS plugin for egg, based on @koa/cors.

Install

$ npm i egg-cors --save

Usage

// {app_root}/config/plugin.js
exports.cors = {
  enable: true,
  package: 'egg-cors',
};

egg-cors
works internally with egg-security. By defining the property of
domainWhiteList
on object
security
, you have successfully informed the framework to whitelist the passed domains.

When you make a request from client side, egg should return an

Access-Control-Allow-Origin
response header with the domain that you passed in along with the payload and status code 200.
exports.security = {
  domainWhiteList: [ 'http://localhost:4200' ],
};

Configuration

Support all configurations in @koa/cors.

// {app_root}/config/config.default.js
exports.cors = {
  // {string|Function} origin: '*',
  // {string|Array} allowMethods: 'GET,HEAD,PUT,POST,DELETE,PATCH'
};

If the

origin
is set, the plugin will follow it to set the
Access-Control-Allow-Origin
and ignore the
security.domainWhiteList
. Otherwise, the
security.domainWhiteList
which is default will take effect as described above.

Security

Only in safe domain list support CORS when security plugin enabled.

Questions & Suggestions

Please open an issue here.

License

MIT

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.