mirror of
https://github.com/strapi/strapi.git
synced 2025-07-13 12:02:10 +00:00
54 lines
1.1 KiB
JavaScript
54 lines
1.1 KiB
JavaScript
'use strict';
|
|
|
|
/**
|
|
* Module dependencies
|
|
*/
|
|
|
|
// Public node modules.
|
|
const _ = require('lodash');
|
|
|
|
/**
|
|
* CORS hook
|
|
*/
|
|
|
|
module.exports = function (strapi) {
|
|
const hook = {
|
|
|
|
/**
|
|
* Default options
|
|
*/
|
|
|
|
defaults: {
|
|
cors: {
|
|
origin: true,
|
|
expose: ['WWW-Authenticate', 'Server-Authorization'],
|
|
maxAge: 31536000,
|
|
credentials: true,
|
|
methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS', 'HEAD'],
|
|
headers: ['Content-Type', 'Authorization']
|
|
}
|
|
},
|
|
|
|
/**
|
|
* Initialize the hook
|
|
*/
|
|
|
|
initialize: function (cb) {
|
|
if (_.isPlainObject(strapi.config.cors) && !_.isEmpty(strapi.config.cors)) {
|
|
strapi.app.use(strapi.middlewares.cors({
|
|
origin: strapi.config.cors.origin,
|
|
expose: strapi.config.cors.expose,
|
|
maxAge: strapi.config.cors.maxAge,
|
|
credentials: strapi.config.cors.credentials,
|
|
methods: strapi.config.cors.methods,
|
|
headers: strapi.config.cors.headers
|
|
}));
|
|
}
|
|
|
|
cb();
|
|
}
|
|
};
|
|
|
|
return hook;
|
|
};
|