Nozomu Ikuta
MeProjects

//h3-corsbynozomuikuta

h3-cors

h3-native CORS event handler

24
4
24
TypeScript
View on GitHub

@nozomuikuta/h3-cors

npm version
npm downloads
Github Actions
Codecov

h3-native CORS event handler

πŸ”” Announcement πŸ””

This package has been integrated to h3 v1.5.0, so you can import all features of this package from h3 directly. πŸŽ‰

This repository and the npm package has been archived.

Thank you for all kinds of contribution to this package!

Usage

Install package:

# npm
npm install @nozomuikuta/h3-cors

# yarn
yarn add @nozomuikuta/h3-cors

# pnpm
pnpm install @nozomuikuta/h3-cors

Import:

// ESM
import { defineCorsEventHandler } from '@nozomuikuta/h3-cors'

// CommonJS
const { defineCorsEventHandler } = require('@nozomuikuta/h3-cors')

Usage:

import { createServer } from 'http'
import { createApp } from 'h3'
import { defineCorsEventHandler } from '@nozomuikuta/h3-cors'

const app = createApp()
app.use(defineCorsEventHandler({ /* options */ }))
app.use('/', () => 'Hello world!')

createServer(app).listen(process.env.PORT || 3000)

Options

  • origin is either of the following values to configure Access-Control-Allow-Origin CORS header
    • "*" (default)
    • "null"
    • array of strings or regular expressions
    • function that receives value of Origin header and returns boolean
      • If false is returned, an error is thrown
  • methods is "*" or an array of HTTP methods to configures Access-Control-Allow-Methods CORS header (default: "*")
  • allowHeaders is "*" or an array of HTTP headers to configure Access-Control-Allow-Headers CORS header (default: "*")
  • exposeHeaders is "*" or an array of HTTP headers to configure Access-Control-Expose-Headers CORS header (default: "*")
  • credentials is boolean to configure Access-Control-Allow-Credentials CORS header (default: false)
  • maxAge is a string to configure Access-Control-Max-Age, or false to unset the header (default: false)
  • preflight.statusCode is used to set event.res.statusCode for preflight request (default: 204)
interface CorsOptions {
  origin?: '*' | 'null' | (string | RegExp)[] | ((origin: string) => boolean)
  methods?: '*' | HTTPMethod[]
  allowHeaders?: '*' | string[]
  exposeHeaders?: '*' | string[]
  credentials?: boolean
  maxAge?: string | false
  preflight?: {
    statusCode?: number
  }
}

Utilities

You can import utility functions as well as event handler.

  • isPreflight(event)
  • isAllowedOrigin(origin, options)
  • appendCorsPreflightHeaders(event, options)
  • appendCorsActualRequestHeaders(event, options)

Development

  • Clone this repository
  • Install latest LTS version of Node.js
  • Enable Corepack using corepack enable
  • Install dependencies using pnpm install
  • Run interactive tests using pnpm dev

License

Made with πŸ’›

Published under MIT License.

[beta]v0.14.0