CORS added

2017-08-10 17:56:57 -04:00 · 2017-08-10 17:56:57 -04:00 · 301e36b5c4
commit 301e36b5c4
parent 46c9027bdb
2 changed files with 40 additions and 0 deletions
--- a/lib/api/CORS.js
+++ b/lib/api/CORS.js
@ -0,0 +1,37 @@
+module.exports = function (req, res, next) {
+  let allowed = {
+
+    origins: [
+      '*',
+    ],
+
+    methods: [
+      'HEAD',
+      'GET',
+      'POST',
+      'PUT',
+      'DELETE',
+      'OPTIONS',
+    ],
+
+    headers: [
+      'Content-Type',
+      'Authorization',
+      'Content-Length',
+      'X-Requested-With',
+      'Cache-Control',
+      'X-Accept-Version',
+      'x-signature',
+      'x-pubkey',
+      'x-identity',
+      'cf-connecting-ip',
+    ],
+
+  };
+
+  res.header('Access-Control-Allow-Origin', allowed.origins.join());
+  res.header('Access-Control-Allow-Methods', allowed.methods.join());
+  res.header('Access-Control-Allow-Headers', allowed.headers.join());
+
+  next();
+};
--- a/lib/api/index.js
+++ b/lib/api/index.js
@ -3,6 +3,9 @@ const config  = require('../../config');

 const app = express();
 const api = express.Router();
+const CORS = require('./CORS');
+
+app.use(CORS);

 // Serve insight ui front end from root dir public folder
 app.use('/', express.static('./public'));