xiongzhu
/
shorts-api


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134
							/**
 * Config source: https://git.io/JfefC
 *
 * Feel free to let us know via PR, if you find something broken in this config
 * file.
 */

import type { CorsConfig } from '@ioc:Adonis/Core/Cors'

const corsConfig: CorsConfig = {
    /*
    |--------------------------------------------------------------------------
    | Enabled
    |--------------------------------------------------------------------------
    |
    | A boolean to enable or disable CORS integration from your AdonisJs
    | application.
    |
    | Setting the value to `true` will enable the CORS for all HTTP request. However,
    | you can define a function to enable/disable it on per request basis as well.
    |
    */
    enabled: true,

    // You can also use a function that return true or false.
    // enabled: (request) => request.url().startsWith('/api')

    /*
    |--------------------------------------------------------------------------
    | Origin
    |--------------------------------------------------------------------------
    |
    | Set a list of origins to be allowed for `Access-Control-Allow-Origin`.
    | The value can be one of the following:
    |
    | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
    |
    | Boolean (true)    - Allow current request origin.
    | Boolean (false)   - Disallow all.
    | String            - Comma separated list of allowed origins.
    | Array             - An array of allowed origins.
    | String (*)        - A wildcard (*) to allow all request origins.
    | Function          - Receives the current origin string and should return
    |                     one of the above values.
    |
    */
    origin: true,

    /*
    |--------------------------------------------------------------------------
    | Methods
    |--------------------------------------------------------------------------
    |
    | An array of allowed HTTP methods for CORS. The `Access-Control-Request-Method`
    | is checked against the following list.
    |
    | Following is the list of default methods. Feel free to add more.
    */
    methods: ['GET', 'HEAD', 'POST', 'PUT', 'DELETE'],

    /*
    |--------------------------------------------------------------------------
    | Headers
    |--------------------------------------------------------------------------
    |
    | List of headers to be allowed for `Access-Control-Allow-Headers` header.
    | The value can be one of the following:
    |
    | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers
    |
    | Boolean(true)     - Allow all headers mentioned in `Access-Control-Request-Headers`.
    | Boolean(false)    - Disallow all headers.
    | String            - Comma separated list of allowed headers.
    | Array             - An array of allowed headers.
    | Function          - Receives the current header and should return one of the above values.
    |
    */
    headers: true,

    /*
    |--------------------------------------------------------------------------
    | Expose Headers
    |--------------------------------------------------------------------------
    |
    | A list of headers to be exposed by setting `Access-Control-Expose-Headers`.
    | header. By default following 6 simple response headers are exposed.
    |
    | Cache-Control
    | Content-Language
    | Content-Type
    | Expires
    | Last-Modified
    | Pragma
    |
    | In order to add more headers, simply define them inside the following array.
    |
    | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
    |
    */
    exposeHeaders: [
        'cache-control',
        'content-language',
        'content-type',
        'expires',
        'last-modified',
        'pragma'
    ],

    /*
    |--------------------------------------------------------------------------
    | Credentials
    |--------------------------------------------------------------------------
    |
    | Toggle `Access-Control-Allow-Credentials` header. If value is set to `true`,
    | then header will be set, otherwise not.
    |
    | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
    |
    */
    credentials: true,

    /*
    |--------------------------------------------------------------------------
    | MaxAge
    |--------------------------------------------------------------------------
    |
    | Define `Access-Control-Max-Age` header in seconds.
    | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
    |
    */
    maxAge: 90
}

export default corsConfig