-
-
Notifications
You must be signed in to change notification settings - Fork 470
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multiple cors middlewares on same request? #79
Comments
Running into the same issue. From what we can tell multiple calls to We don't want Probably just going to gut EDIT: You can specify |
Yes, I ended up doing something like this: const corsMiddleware = cors()
router.use((req, res, next) => {
if (req.path.match(/^\/auth\/connect\//)) {
// let later cors middleware handle it!
return next()
}
return corsMiddleware(req, res, next)
}) |
I like your solution @olalonde |
I was looking into the code for cors today and I think it might be supported out of the box. It appears that there are undocumented code that supports regular expressions and arrays. When you pass an object to cors() it calls the private function isOriginAllowed with what is inside the origin property if that is not a function. That supports Array and RegExp, so you could actually have a regular expression for your domain. And it will only add the Access-Control-Allow-Origin Header if req.headers.origin matches
|
hey Hii every one i am new to opensource world can any one help me in making my first contribution in this library.by explaining it more to me and guiding me. |
I have an API where I want every path to be CORS-enabled for all origins except for
/auth/connect/twitter
because it uses a cookie based session.I was wondering if it would be possible to make it so that the last cors() middleware always overrides precedent ones. E.g.
should set the
Access-Control-Allow-Origin
tohttp://mydomain.com
. Is that possible?The text was updated successfully, but these errors were encountered: