@lottojs/cors

NodeJS HTTP CORS Middleware for secure cross-origin resource sharing.

Report Bug · Request Feature

About The Project

A CORS middleware designed to enhance security by enabling secure cross-origin resource sharing in Node.js applications. Initially created to serve the @lottojs/lotto package but nothing excludes it to be also used by the community.

Documentation

Complete API documentation is available at lottojs.tech.

Getting Started

Installation

 npm i @lottojs/cors

Usage

The package exports a middleware named cors. This middleware should be used within an HTTP server handler. It checks the request's origin and sets the appropriate CORS headers. This allows or restricts cross-origin requests based on the specified configuration.

    import { createServer } from 'node:http';
    import { cors } from '@lottojs/cors';

    createServer(
        async (req: IncomingMessage, res: ServerResponse) => {
                ...
                const allowedSites = ['http://localhost:3000']
                const allowedMethods = ['GET', 'POST']
                const allowedHeaders = ['Content-Type', 'Authorization']
                const exposeHeaders = ['Content-Length']
                const allowCredentials = true

                cors(
                    allowedSites,
                    allowedMethods,
                    allowedHeaders,
                    exposeHeaders,
                    allowCredentials
                )(req, res, next())
                ...
        },
    )

Contributing

All forms of contributions are more than welcome! You can contribute in the following ways:

• Create an Issue
• Create a Pull Request
• Create third-party middlewares
• Share with your friends
• Make your application with Lotto.

For more details, see Contribution Guide.

License

Distributed under the MIT License. See LICENSE for more information.

(back to top)