From fee800f0dc13a1df5b696035f09c43b8c714371b Mon Sep 17 00:00:00 2001 From: Troy Goode Date: Sun, 9 Nov 2014 21:50:12 -0800 Subject: [PATCH] #33: fix bug that dropped support for non-Express apps in #30 --- lib/index.js | 40 ++++++++++++++++++++-------------------- package.json | 2 +- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/lib/index.js b/lib/index.js index 22c14f2..0d6faea 100644 --- a/lib/index.js +++ b/lib/index.js @@ -12,16 +12,23 @@ }; function configureOrigin(options, req) { - var origin = options.origin; - if (origin === true) { - origin = req.headers.origin; - } else if (!origin) { - origin = '*'; + if (!options.origin) { + return { + key: 'Access-Control-Allow-Origin', + value: '*' + }; + } else { + return [ + { + key: 'Access-Control-Allow-Origin', + value: options.origin === true ? req.headers.origin : options.origin + }, + { + key: 'Vary', + value: 'Origin' + } + ]; } - return { - key: 'Access-Control-Allow-Origin', - value: origin - }; } function configureMethods(options) { @@ -95,21 +102,14 @@ headers.forEach(function (header) { if (header) { if (Array.isArray(header)) { - return applyHeaders(header, res); + applyHeaders(header, res); + } else if (header.key === 'Vary' && header.value) { + vary(res, header.value); } else if (header.value) { - if (res.set) { - // for Express 4+ - res.set(header.key, header.value); - } else { - // for Express <4 - res.setHeader(header.key, header.value); - } + res.setHeader(header.key, header.value); } } }); - if (res.get('Origin') !== '*') { - vary(res, 'Origin'); - } }; if (method === 'OPTIONS') { diff --git a/package.json b/package.json index 869959d..2905a51 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cors", - "version": "2.5.1", + "version": "2.5.2", "author": "Troy Goode (https://github.com/troygoode/)", "description": "middleware for dynamically or statically enabling CORS in express/connect applications", "keywords": ["cors", "express", "connect", "middleware"],