Allow disabling of CORS

It is desirable to disable CORS for development purposes in order to
validate same-origin policy and web security concepts. Additionally,
json-server could be used to show proxy concepts.

This change adds a new CLI option `--no-cors` which disables CORS by not
adding the CORS middleware. The change is backwards compatible since the
default behavior, i.e. adding CORS headers, is retained.
This commit is contained in:
Ben Ripkens
2016-01-17 08:27:05 +01:00
parent b751cec815
commit c50532dd75
4 changed files with 46 additions and 2 deletions

@ -32,7 +32,9 @@ module.exports = function (opts) {
}
// Enable CORS for all the requests, including static files
arr.push(cors({ origin: true, credentials: true }))
if (!opts.noCors) {
arr.push(cors({ origin: true, credentials: true }))
}
if (process.env.NODE_ENV === 'development') {
// only use in development
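Review bot: The comment above the new `if (!opts.noCors)` guard still says "Enable CORS for all the requests, including static files", which is no longer accurate once the middleware is conditional; reword it to say CORS is enabled unless `opts.noCors` is set. The retained default `cors({ origin: true, credentials: true })` reflects the requesting origin and allows credentials, so the help text for `--no-cors` should state that setting it is what leaves the browser's same-origin policy in effect for cross-origin callers.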