BoxLang 🚀 A New JVM Dynamic Language Learn More...
cors
Add CORS headers to your app in one module
This module detects CORS requests, validates them against the configured origins, and handles preflight requests.
The following is the default configuration.
settings = {
autoRegisterInterceptor = true,
allowOrigins = function( event ) {
return event.getHTTPHeader( "Origin", "*" );
},
allowMethods = function( event ) {
return event.getHTTPMethod();
},
allowHeaders = function( event ) {
return event.getHTTPHeader( "Access-Control-Request-Headers", "" );
},
maxAge = 60 * 60 * 24, // 1 day
allowCredentials = true,
eventPattern = ".*",
shouldReturnPreflight = function( event ) {
return event.isInvalidHTTPMethod( );
}
};
autoRegisterInterceptor
If you need more control over the order of your interceptors you can
disable the automatic loading of the CORS interceptor. If you do this
you will need to register it yourself (most likely in config/ColdBox.cfc)
as cors.interceptors.CORS.
v3.0.9
24 Aug 2023 — 02:19: 56 UTC
other
- *: chore: Pin commandbox-semantic-release to ^3.0.0 (04250c7)
v3.0.4
15 Jul 2020 — 20:39: 40 UTC
fix
- CI: Fix for packaging up a recursive zip (e57bf90)
v3.0.3
13 Feb 2020 — 17:26: 11 UTC
other
- *: chore: Use forgeboxStorage (6168181)
v3.0.2
15 Jan 2020 — 23:37: 40 UTC
fix
- CORS: Fix automatic options requests (2a2cdc6)
v3.0.1
24 Oct 2019 — 02:37: 12 UTC
other
- *: fix: Use dynamic provider instead of just template for cached events (dbe5c3e)
v3.0.0
23 Oct 2019 — 16:24: 43 UTC
BREAKING
- *: fix: Fix event caching (b60d18b)
v2.2.2
16 Oct 2019 — 17:58: 04 UTC
other
- *: fix: Use the Access-Control-Allow-Method if present (a218419)
- *: fix: OPTIONS requests are always allowed in preflight requests (b71a57e)
v2.2.1
17 Sep 2019 — 22:56: 58 UTC
docs
- README: Update default settings (a10c90a)
v2.2.0
10 Sep 2019 — 21:52: 09 UTC
feat
- ModuleConfig: Add flag to prevent automatic loading (240e306)
fix
- build: Use OpenJDK instead of Oracle (b0cc52b)
v2.1.0
09 Aug 2019 — 21:57: 25 UTC
chore
- build: Add adobe@2018 to testing matrix (ee5e50c)
feat
- cors: Dynamically determine allowed headers (25a98ba)
- cors: Dynamically determine allowed methods (1e33450)
- cors: Dynamically determine allowed origins (97cae05)
v2.0.3
16 Jul 2019 — 21:38: 52 UTC
other
- *: chore: Add debug logging for future debugging (73c0190)
v2.0.2
15 Jul 2019 — 16:35: 09 UTC
other
- *: chore: remove Node dependencies (429e68c)
- *: fix: Move postProcess to preEvent to fit within caching lifecycle (d2184f0)
- *: fix: Remove duplicate code (091140e)
v2.0.1
11 Jul 2019 — 22:08: 54 UTC
fix
- Caching: Fix for event caching when expiring (a06dbfa)
v2.0.0
10 Jul 2019 — 19:41: 08 UTC
BREAKING
- CORS: Ignore cached events for CORS (9d6fd4c)
31 Jan 2018 — 23:23: 01 UTC
chore
- build: trigger minor release (ef05a5c)
31 Jan 2018 — 23:11: 40 UTC
feat
- events: Add eventPattern to settings (#2) (b7544a9)
27 Jan 2018 — 06:09: 38 UTC
chore
- build: Remove unnecessary package scripts (88f7e90)
- build: Fix ACF builds (dc433de)
- build: Add Travis CI and Semantic Release (d084e2f)
feat
- cors: Add isAllowed check and response (36d605e)
- cors: Send a generic preflight back if none defined (352e20d)
other
-
Eric Peterson
- Published
-
3.0.9 is the latest of 23 release(s)
Published
- Published on {{ getFullDate("2023-08-24T02:19:57Z") }}
-
-
MIT
- coldbox-modules/cors
Use It
$
box install cors
Collaborators 0
No collaborators yet.
Stats
- {{ getFullDate("2017-02-24T10:35:59Z") }}
- {{ getFullDate("2023-08-24T02:19:57Z") }}
- 8,856
- 123,217