ChangelogGitHubTwitterGitter
Search…
v4.x
Marble.js
Getting started
Installation
Quick setup
HTTP
Effects
Middlewares
Routing
Errors
Output
Context
Advanced
Messaging
Core concepts
Microservices
CQRS
WebSockets
Testing
HTTP routes testing
Other
How does it glue together?
Migration guides
API reference
@marblejs/core
@marblejs/http
@marblejs/messaging
@marblejs/websockets
@marblejs/middleware-multipart
@marblejs/middleware-cors
@marblejs/middleware-io
@marblejs/middleware-logger
@marblejs/middleware-body
@marblejs-contrib/middleware-jwt
@marblejs-contrib/middleware-joi
Style Guide
FAQ
Powered By GitBook
@marblejs/middleware-cors
A CORS middleware for Marble.js

Installation

yarn add @marblejs/middleware-cors
Requires @marblejs/core to be installed.

Importing

import { cors$ } from '@marblejs/middleware-cors';

Type declaration

cors$ :: CORSOptions -> HttpMiddlewareEffect

Parameters

parameter
definition
options
<optional> CORSOptions
CORSOptions
parameter
definition
origin
<optional> string | string[] | RegExp
methods
<optional> HttpMethod[]
optionsSuccessStatus
<optional> HttpStatus
allowHeaders
<optional> string | string[]
exposeHeaders
<optional> string[]
withCredentials
<optional> boolean
maxAge
<optional> number
This object allows you to configure CORS headers with various options. Both methods and exposeHeaders support wildcard. By default options are configured as following.
{
origin: '*',
methods: ['HEAD', 'GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
withCredentials: false,
optionsSuccessStatus: HttpStatus.NO_CONTENT, // 204
}
Note that provided options are merged with default options so you need to overwrite each default parameter you want to customize.

Basic usage

import { httpListener } from '@marblejs/core';
import { cors$ } from '@marblejs/middleware-cors';
​
export const listener = httpListener({
middlewares: [
cors$({
origin: '*',
allowHeaders: '*',
methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
})
],
effects: [/* ... */],
});
For security purpose it's better to be strict as possible when configuring CORS options.

Strict usage

import { httpListener } from '@marblejs/core';
import { cors$ } from '@marblejs/middleware-cors';
​
export const listener = httpListener({
middlewares: [
cors$({
origin: ['http://example1.com', 'http://example2.com'],
allowHeaders: ['Origin', 'Authorization', 'Content-Type'],
methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
})
],
effects: [/* ... */],
});
Headers notation is case insensitive. content-type will also work.
Previous
@marblejs/middleware-multipart
Next
@marblejs/middleware-io
Last modified 2yr ago
Copy link
On this page
Installation
Importing
Type declaration
Parameters
Basic usage
Strict usage