Skip to content

Commit 41959b7

Browse files
mcattarinussimcattarinussi
committed
Send Allow-Origin header for all methods when cors is enabled
1 parent b34f4a6 commit 41959b7

File tree

2 files changed

+7
-4
lines changed

2 files changed

+7
-4
lines changed

index.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,8 @@ module.exports = function(options) {
9393
callbacks.push(executeLambdaCallback(func));
9494
// Setup endpoint
9595
if (e.cors) {
96-
httpConfig.eventHandler('options', path, [decorateAddCORSCallback(), send200]);
96+
httpConfig.eventHandler('options', path, [decorateAddCORSCallback(true), send200]);
97+
callbacks.unshift(decorateAddCORSCallback());
9798
}
9899
httpConfig.eventHandler(method, path, callbacks);
99100
}

lib/decorators-callbacks.js

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,11 +18,13 @@ module.exports.decorateLambdaReqCallback = function(getPrincipalId) {
1818
};
1919
};
2020

21-
module.exports.decorateAddCORSCallback = function() {
21+
module.exports.decorateAddCORSCallback = function(isOptionMethod) {
2222
return function(req, res, next) {
23+
if(isOptionMethod) {
24+
res.header('Access-Control-Allow-Methods', 'GET,PUT,HEAD,PATCH,POST,DELETE,OPTIONS');
25+
res.header('Access-Control-Allow-Headers', 'Authorization,Content-Type,x-amz-date,x-amz-security-token');
26+
}
2327
res.header('Access-Control-Allow-Origin', '*');
24-
res.header('Access-Control-Allow-Methods', 'GET,PUT,HEAD,PATCH,POST,DELETE,OPTIONS');
25-
res.header('Access-Control-Allow-Headers', 'Authorization,Content-Type,x-amz-date,x-amz-security-token');
2628
next();
2729
};
2830
};

0 commit comments

Comments
 (0)