1 files changed, 85 insertions, 0 deletions
diff --git a/src/internal-server/config/cors.js b/src/internal-server/config/cors.js
new file mode 100644
index 000000000..ca57dff0d
--- /dev/null
+++ b/src/internal-server/config/cors.js
@@ -0,0 +1,85 @@
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Origin
+  |--------------------------------------------------------------------------
+  |
+  | Set a list of origins to be allowed. The value can be one of the following
+  |
+  | Boolean: true - Allow current request origin
+  | Boolean: false - Disallow all
+  | String - Comma separated list of allowed origins
+  | Array - An array of allowed origins
+  | String: * - A wildcard to allow current request origin
+  | Function - Receives the current origin and should return one of the above values.
+  |
+  */
+  origin: false,
+  /*
+  |--------------------------------------------------------------------------
+  | Methods
+  |--------------------------------------------------------------------------
+  |
+  | HTTP methods to be allowed. The value can be one of the following
+  |
+  | String - Comma separated list of allowed methods
+  | Array - An array of allowed methods
+  |
+  */
+  methods: ['GET', 'PUT', 'PATCH', 'POST', 'DELETE'],
+  /*
+  |--------------------------------------------------------------------------
+  | Headers
+  |--------------------------------------------------------------------------
+  |
+  | List of headers to be allowed via Access-Control-Request-Headers header.
+  | The value can be one of the following.
+  |
+  | Boolean: true - Allow current request headers
+  | Boolean: false - Disallow all
+  | String - Comma separated list of allowed headers
+  | Array - An array of allowed headers
+  | String: * - A wildcard to allow current request headers
+  | Function - Receives the current header and should return one of the above values.
+  |
+  */
+  headers: true,
+  /*
+  |--------------------------------------------------------------------------
+  | Expose Headers
+  |--------------------------------------------------------------------------
+  |
+  | A list of headers to be exposed via `Access-Control-Expose-Headers`
+  | header. The value can be one of the following.
+  |
+  | Boolean: false - Disallow all
+  | String: Comma separated list of allowed headers
+  | Array - An array of allowed headers
+  |
+  */
+  exposeHeaders: false,
+  /*
+  |--------------------------------------------------------------------------
+  | Credentials
+  |--------------------------------------------------------------------------
+  |
+  | Define Access-Control-Allow-Credentials header. It should always be a
+  | boolean.
+  |
+  */
+  credentials: false,
+  /*
+  |--------------------------------------------------------------------------
+  | MaxAge
+  |--------------------------------------------------------------------------
+  |
+  | Define Access-Control-Allow-Max-Age
+  |
+  */
+  maxAge: 90,
+};

diff --git a/src/internal-server/config/cors.js b/src/internal-server/config/cors.js new file mode 100644 index 000000000..ca57dff0d --- /dev/null +++ b/src/internal-server/config/cors.js
@@ -0,0 +1,85 @@
	1	module.exports = {
	2	/*
	3	\|--------------------------------------------------------------------------
	4	\| Origin
	5	\|--------------------------------------------------------------------------
	6	\|
	7	\| Set a list of origins to be allowed. The value can be one of the following
	8	\|
	9	\| Boolean: true - Allow current request origin
	10	\| Boolean: false - Disallow all
	11	\| String - Comma separated list of allowed origins
	12	\| Array - An array of allowed origins
	13	\| String: * - A wildcard to allow current request origin
	14	\| Function - Receives the current origin and should return one of the above values.
	15	\|
	16	*/
	17	origin: false,
	18
	19	/*
	20	\|--------------------------------------------------------------------------
	21	\| Methods
	22	\|--------------------------------------------------------------------------
	23	\|
	24	\| HTTP methods to be allowed. The value can be one of the following
	25	\|
	26	\| String - Comma separated list of allowed methods
	27	\| Array - An array of allowed methods
	28	\|
	29	*/
	30	methods: ['GET', 'PUT', 'PATCH', 'POST', 'DELETE'],
	31
	32	/*
	33	\|--------------------------------------------------------------------------
	34	\| Headers
	35	\|--------------------------------------------------------------------------
	36	\|
	37	\| List of headers to be allowed via Access-Control-Request-Headers header.
	38	\| The value can be one of the following.
	39	\|
	40	\| Boolean: true - Allow current request headers
	41	\| Boolean: false - Disallow all
	42	\| String - Comma separated list of allowed headers
	43	\| Array - An array of allowed headers
	44	\| String: * - A wildcard to allow current request headers
	45	\| Function - Receives the current header and should return one of the above values.
	46	\|
	47	*/
	48	headers: true,
	49
	50	/*
	51	\|--------------------------------------------------------------------------
	52	\| Expose Headers
	53	\|--------------------------------------------------------------------------
	54	\|
	55	\| A list of headers to be exposed via `Access-Control-Expose-Headers`
	56	\| header. The value can be one of the following.
	57	\|
	58	\| Boolean: false - Disallow all
	59	\| String: Comma separated list of allowed headers
	60	\| Array - An array of allowed headers
	61	\|
	62	*/
	63	exposeHeaders: false,
	64
	65	/*
	66	\|--------------------------------------------------------------------------
	67	\| Credentials
	68	\|--------------------------------------------------------------------------
	69	\|
	70	\| Define Access-Control-Allow-Credentials header. It should always be a
	71	\| boolean.
	72	\|
	73	*/
	74	credentials: false,
	75
	76	/*
	77	\|--------------------------------------------------------------------------
	78	\| MaxAge
	79	\|--------------------------------------------------------------------------
	80	\|
	81	\| Define Access-Control-Allow-Max-Age
	82	\|
	83	*/
	84	maxAge: 90,
	85	};