npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@noahsaso/itty-cors

v0.3.6

Published

Simple (and tiny) CORS-handling for any itty-router API. Designed on Cloudflare Workers, but works anywhere.

Downloads

4

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

noahsasonoahsaso

Keywords

fetchapihelpertinyjson

Readme

itty-cors

Version Bundle Size Build Status Coverage Status NPM Weekly Downloads Open Issues

Discord GitHub Repo stars Twitter

Simple CORS-handling for any itty-router API. Designed on Cloudflare Workers, but works anywhere.

Features

  • Tiny. Currently ~600 bytes, with zero-dependencies.
  • Fully Typed/TypeScript
  • Granular control over allowed methods, origins, etc.
  • handles OPTIONS preflight requests
  • response processor (corsify) can be used per-response, or globally downstream

!! Breaking API Changes (pre v1.x)!!

You're using an early-access package. Until itty-cors hits a stable v1.0 release, API changes will be broadcasted as minor version bumps.

  • v0.3.0 - preflight now MUST be included on the .all channel (all methods), rather than .options alone, to allow for origin-checking.
  • v0.2.0 - allowOrigins: string has been replaced with origins: string[] to accept an array of origins, and multi-origin support is now correctly implemented.
    // previously
const { preflight, corsify } = createCors({ allowOrigin: '*' })

// now
const { preflight, corsify } = createCors({ origins: ['*'] })

Simple Usage

import { Router } from 'itty-router'
import { error, json, missing } from 'itty-router-extras'
import { createCors } from 'itty-cors'

// create CORS handlers
const { preflight, corsify } = createCors()

const router = Router()

// register v2 API plus all routes
router
  .all('*', preflight)                                  // handle CORS preflight/OPTIONS requests
  .get('/version', () => json({ version: '0.1.0' }))    // GET release version
  .get('/stuff', () => json(['foo', 'bar', 'baz']))     // GET some other random stuff
  .all('*', () => missing('Are you sure about that?'))  // 404 for all else

// CF ES6 module syntax
export default {
  fetch: (...args) => router
                        .handle(...args)
                        .catch(err => error(500, err.stack))
                        .then(corsify) // cors should be applied to error responses as well
}

CORS enabled on a single route (and advanced options)

import { Router } from 'itty-router'
import { error, json, missing } from 'itty-router-extras'
import { createCors } from 'itty-cors'

// create CORS handlers
const { preflight, corsify } = createCors({
  methods: ['GET', 'POST', 'DELETE'], // GET is included by default... omit this if only using GET
  origins: ['*'],                     // defaults to allow all (most common).  Restrict if needed.
  maxAge: 3600,
  headers: {
    'my-custom-header': 'will be injected with each CORS-enabled response',
  },
})

const router = Router()

// register v2 API plus all routes
router
  .all('*', preflight)                                  // handle CORS preflight/OPTIONS requests
  .get('/version', () => corsify(json({ version: '0.1.0' })))  // GET release version (CORS-enabled)
  .get('/stuff', () => json(['foo', 'bar', 'baz']))     // GET some other random stuff (no CORS allowed)
  .all('*', () => missing('Are you sure about that?'))  // 404 for all else

// CF ES6 module syntax
export default {
  fetch: (...args) => router
                        .handle(...args)
                        .catch(err => error(500, err.stack))
}

API

createCors(options?) => { preflight: function, corsify: function }

Returns an object with two properties, preflight (a preflight OPTIONS middleware), and corsify (a response-handling function).

| Option | Type(s) | Default | Description | | --- | --- | --- | --- | | origins | string[] | ['*'] | By default, all origins are allowed (most common). Modify this to restrict to specific origins. | maxAge | number | 3600 | Set the expiry of responses | methods | string[] | ['GET'] | Define which methods are allowed. OPTIONS will be automatically added. | headers | object | {} | Add any custom headers to be injected with CORS-enabled responses.

preflight(request: Request) => Response

This is the preflight middleware to be injected upstream on options requests.

router.options('*', preflight) // that's it!

corsify(response: Response) => Response

This wrapper injects CORS headers into a response, if not already set (upstream). Use this at the end of the router.handle Promise chain to CORS-enable all responses/the entire API, or wrap any response generator (e.g. json() from itty-router-extras) to make a single CORS-enabled response.