}) app.options('/', corsMiddleware)
/** * Routes - Public */ app.options(`*`, (req, res) => { res.status(200).send() })
// app.use('/api', api); // Allow cors middleware app.use((req, res, next) => { res.header('Access-Control-Allow-Origin', '*') res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept') next() app.options('*', (res, req) => { res.header('Access-Control-Allow-Methods', 'GET, PATCH, PUT, POST, DELETE, OPTIONS') }) })
app.options("/api", cors, function(req, res, next){ console.log("OPTIONS route:",req.headers) res.sendStatus(200); });
express.options("/api/pets/:name", (req, res, next) => { expect(res.get("Access-Control-Allow-Origin")).to.equal(undefined); expect(res.get("Access-Control-Allow-Methods")).to.equal(undefined); .options("/api/pets/Fido") .expect(200) .expect("Access-Control-Allow-Origin", "*") express.options("/api/pets/:name", (req, res, next) => { assert(false, "This middleware should NOT get called"); });
}); app.options("*", (req, res) => { res.status(200).send(); });
express.options("/api/pets/:name", (req, res, next) => { expect(res.get("Access-Control-Allow-Origin")).to.equal(undefined); expect(res.get("Access-Control-Allow-Methods")).to.equal(undefined); .options("/api/pets/Fido") .expect(200) .expect("Access-Control-Allow-Origin", "http://some.company.net") express.options("/api/pets/:name", (req, res, next) => { assert(false, "This middleware should NOT get called"); });