From 419933f6505caf4c5e685f8436b1ff735185e55a Mon Sep 17 00:00:00 2001 From: Vijay Raghavan Aravamudhan Date: Sun, 1 Aug 2021 11:07:57 +0000 Subject: Moved 'internal-server' into a sub-folder as opposed to a git submodule. (#1715) * Ignored tests in 'internal-server' folder since there are none. * Linter fixes --- src/internal-server/config/cors.js | 85 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 src/internal-server/config/cors.js (limited to 'src/internal-server/config/cors.js') diff --git a/src/internal-server/config/cors.js b/src/internal-server/config/cors.js new file mode 100644 index 000000000..ca57dff0d --- /dev/null +++ b/src/internal-server/config/cors.js @@ -0,0 +1,85 @@ +module.exports = { + /* + |-------------------------------------------------------------------------- + | Origin + |-------------------------------------------------------------------------- + | + | Set a list of origins to be allowed. The value can be one of the following + | + | Boolean: true - Allow current request origin + | Boolean: false - Disallow all + | String - Comma separated list of allowed origins + | Array - An array of allowed origins + | String: * - A wildcard to allow current request origin + | Function - Receives the current origin and should return one of the above values. + | + */ + origin: false, + + /* + |-------------------------------------------------------------------------- + | Methods + |-------------------------------------------------------------------------- + | + | HTTP methods to be allowed. The value can be one of the following + | + | String - Comma separated list of allowed methods + | Array - An array of allowed methods + | + */ + methods: ['GET', 'PUT', 'PATCH', 'POST', 'DELETE'], + + /* + |-------------------------------------------------------------------------- + | Headers + |-------------------------------------------------------------------------- + | + | List of headers to be allowed via Access-Control-Request-Headers header. + | The value can be one of the following. + | + | Boolean: true - Allow current request headers + | Boolean: false - Disallow all + | String - Comma separated list of allowed headers + | Array - An array of allowed headers + | String: * - A wildcard to allow current request headers + | Function - Receives the current header and should return one of the above values. + | + */ + headers: true, + + /* + |-------------------------------------------------------------------------- + | Expose Headers + |-------------------------------------------------------------------------- + | + | A list of headers to be exposed via `Access-Control-Expose-Headers` + | header. The value can be one of the following. + | + | Boolean: false - Disallow all + | String: Comma separated list of allowed headers + | Array - An array of allowed headers + | + */ + exposeHeaders: false, + + /* + |-------------------------------------------------------------------------- + | Credentials + |-------------------------------------------------------------------------- + | + | Define Access-Control-Allow-Credentials header. It should always be a + | boolean. + | + */ + credentials: false, + + /* + |-------------------------------------------------------------------------- + | MaxAge + |-------------------------------------------------------------------------- + | + | Define Access-Control-Allow-Max-Age + | + */ + maxAge: 90, +}; -- cgit v1.2.3-70-g09d2