yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-08-10 09:47:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix use defaults middleware configs

Browse Source
This commit is contained in:
Jim Laurie 2017-11-27 12:11:30 +01:00
parent 5e2748f81f
commit ed6367eeb4
3 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
packages/strapi/lib/middlewares/cors/index.js
View File

@ -15,17 +15,19 @@ module.exports = strapi => {
*/ */
initialize: function(cb) { initialize: function(cb) {
const defaults = require('./defaults.json');
strapi.app.use( strapi.app.use(
async (ctx, next) => { async (ctx, next) => {
if (ctx.request.admin) { if (ctx.request.admin) {
return strapi.koaMiddlewares.kcors({ return strapi.koaMiddlewares.kcors({
origin: '*', origin: '*',
exposeHeaders: this.defaults.cors.expose, exposeHeaders: defaults.cors.expose,
maxAge: this.defaults.cors.maxAge, maxAge: defaults.cors.maxAge,
credentials: this.defaults.cors.credentials, credentials: defaults.cors.credentials,
allowMethods: this.defaults.cors.methods, allowMethods: defaults.cors.methods,
allowHeaders: this.defaults.cors.headers, allowHeaders: defaults.cors.headers,
keepHeadersOnError: this.defaults.cors.keepHeadersOnError keepHeadersOnError: defaults.cors.keepHeadersOnError
})(ctx, next); })(ctx, next);
} else if (strapi.config.currentEnvironment.security.cors.enabled) { } else if (strapi.config.currentEnvironment.security.cors.enabled) {
return strapi.koaMiddlewares.kcors({ return strapi.koaMiddlewares.kcors({

6
packages/strapi/lib/middlewares/xframe/index.js
View File

@ -15,13 +15,15 @@ module.exports = strapi => {
*/ */
initialize: function(cb) { initialize: function(cb) {
const defaults = require('./defaults.json');
strapi.app.use( strapi.app.use(
async (ctx, next) => { async (ctx, next) => {
if (ctx.request.admin) { if (ctx.request.admin) {
return await strapi.koaMiddlewares.convert( return await strapi.koaMiddlewares.convert(
strapi.koaMiddlewares.lusca.xframe({ strapi.koaMiddlewares.lusca.xframe({
enabled: this.defaults.xframe.enabled, enabled: defaults.xframe.enabled,
value: this.defaults.xframe.value value: defaults.xframe.value
}) })
)(ctx, next); )(ctx, next);
} else if (strapi.config.currentEnvironment.security.xframe.enabled) { } else if (strapi.config.currentEnvironment.security.xframe.enabled) {

4
packages/strapi/lib/middlewares/xss/index.js
View File

@ -15,13 +15,15 @@ module.exports = strapi => {
*/ */
initialize: function(cb) { initialize: function(cb) {
const defaults = require('./defaults.json');
strapi.app.use( strapi.app.use(
async (ctx, next) => { async (ctx, next) => {
if (ctx.request.admin) { if (ctx.request.admin) {
return await strapi.koaMiddlewares.convert( return await strapi.koaMiddlewares.convert(
strapi.koaMiddlewares.lusca.xssProtection({ strapi.koaMiddlewares.lusca.xssProtection({
enabled: true, enabled: true,
mode: this.defaults.xss.mode mode: defaults.xss.mode
}) })
)(ctx, next); )(ctx, next);
} else if (strapi.config.currentEnvironment.security.xss.enabled) { } else if (strapi.config.currentEnvironment.security.xss.enabled) {