ChangelogGitHubTwitterGitter
Search…
v4.x
Marble.js
Getting started
Installation
Quick setup
HTTP
Effects
Middlewares
Routing
Errors
Output
Context
Advanced
Messaging
Core concepts
Microservices
CQRS
WebSockets
Testing
HTTP routes testing
Other
How does it glue together?
Migration guides
API reference
@marblejs/core
@marblejs/http
@marblejs/messaging
@marblejs/websockets
@marblejs/middleware-multipart
@marblejs/middleware-cors
@marblejs/middleware-io
@marblejs/middleware-logger
@marblejs/middleware-body
@marblejs-contrib/middleware-jwt
@marblejs-contrib/middleware-joi
Style Guide
FAQ
Powered By GitBook
@marblejs/middleware-cors
A CORS middleware for Marble.js

Installation

1
yarn add @marblejs/middleware-cors
Copied!
Requires @marblejs/core to be installed.

Importing

1
import { cors$ } from '@marblejs/middleware-cors';
Copied!

Type declaration

1
cors$ :: CORSOptions -> HttpMiddlewareEffect
Copied!

Parameters

parameter
definition
options
<optional> CORSOptions
CORSOptions
parameter
definition
origin
<optional> string | string[] | RegExp
methods
<optional> HttpMethod[]
optionsSuccessStatus
<optional> HttpStatus
allowHeaders
<optional> string | string[]
exposeHeaders
<optional> string[]
withCredentials
<optional> boolean
maxAge
<optional> number
This object allows you to configure CORS headers with various options. Both methods and exposeHeaders support wildcard. By default options are configured as following.
1
{
2
origin: '*',
3
methods: ['HEAD', 'GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
4
withCredentials: false,
5
optionsSuccessStatus: HttpStatus.NO_CONTENT, // 204
6
}
Copied!
Note that provided options are merged with default options so you need to overwrite each default parameter you want to customize.

Basic usage

1
import { httpListener } from '@marblejs/core';
2
import { cors$ } from '@marblejs/middleware-cors';
3
​
4
export const listener = httpListener({
5
middlewares: [
6
cors$({
7
origin: '*',
8
allowHeaders: '*',
9
methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
10
})
11
],
12
effects: [/* ... */],
13
});
Copied!
For security purpose it's better to be strict as possible when configuring CORS options.

Strict usage

1
import { httpListener } from '@marblejs/core';
2
import { cors$ } from '@marblejs/middleware-cors';
3
​
4
export const listener = httpListener({
5
middlewares: [
6
cors$({
7
origin: ['http://example1.com', 'http://example2.com'],
8
allowHeaders: ['Origin', 'Authorization', 'Content-Type'],
9
methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
10
})
11
],
12
effects: [/* ... */],
13
});
Copied!
Headers notation is case insensitive. content-type will also work.
Previous
@marblejs/middleware-multipart
Next
@marblejs/middleware-io
Last modified 2yr ago
Copy link
Contents
Installation
Importing
Type declaration
Parameters
Basic usage
Strict usage