antono / connect-cors Goto Github PK

I'm currently working on this, but I'm having some issues. Mind helping out?

If you don't plan to work on this project anymore, will you click on the admin button of the project and transfer ownership to one of the other forks?

Hi, appreciate the library! We're using it with success, but one issue - the way you're using the input config object, config.origins is an input array that you're modifying by replacing the input strings with a RegExp object.

This would be fine except array objects are pass by reference, so if multiple node apps are sharing the same CORS settings object (we're doing this during unit tests)...once the next app tries to send the same settings object back into your library (where some of the strings have become RegExp objects), it results in this error:

TypeError: Object /^http:\/\/localhost:4003(:|$)/ has no method 'toLowerCase'
      at origin (/Users/mrobben/devproj/sold-backend/node_modules/connect-xcors/connect-cors.js:121:36)
      at Array.forEach (native)
      at create (/Users/mrobben/devproj/sold-backend/node_modules/connect-xcors/connect-cors.js:119:22)

I'm happy to fix this for you in one of 3 ways -

1. duplicate the input settings object so you're always using your own object rather than what's passed
2. use a different var for the regexp table of origins
3. document this behavior so other people don't make the mistake of sending shared settings objects in expecting they won't get modified by the lib.

Needs an option to add Access-Control-Max-Age: 600

What's the correct way to read POST request payload? I'm using connect-xcors and I can't seem to find where POST payload is stored.

  var server = connect.createServer(
      connect.logger(),
      CORS(options),
      connect.bodyParser(), function(req,res) {
           var foo = req.body.foo; /* this is where bodyParser() stores the payload */
           res.end();
      }
 )

I first thought it was connect.bodyParser() that was messing with me but removing that didn't solve the issue. All help is appreciated.

I'm going to fork this and put my name in an AUTHORS file at the root. It looks like the code is pretty much the same as when I pull requested it, with perhaps a few additional bug fixes... and at least one new bug - being translated to coffeescript ;-P

When I'm using it as a portfolio item I want to be able to show that I indeed had a major role in the creation of the module.

Hi,

Could you pull from https://github.com/zandaq/connect-cors to fix access-control-allow-credentials:true

Thx

Romain