Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor(index): change default methods to cors-safelisted methods #359

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

refactor(index): change default methods to cors-safelisted methods #359

wants to merge 2 commits into from
+13 −13

Conversation

Fdawgs
Copy link
Member

@Fdawgs Fdawgs commented Feb 18, 2025

Closes #358.

This is a breaking change and will require a semver major release.

Checklist

@Fdawgs Fdawgs requested a review from a team February 19, 2025 09:01
climba03003
climba03003 requested changes Feb 19, 2025
View reviewed changes
index.js Outdated
@@ -8,7 +8,7 @@ const {

const defaultOptions = {
origin: '*',
methods: 'GET,HEAD,PUT,PATCH,POST,DELETE',
methods: 'GET,HEAD,PUT',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From your reference, it should be GET, HEAD and POST. Instead of PUT.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Whoops, thanks @climba03003, fixed in 32c895b

@Fdawgs Fdawgs requested a review from climba03003 February 19, 2025 15:20
climba03003
climba03003 approved these changes Feb 19, 2025
View reviewed changes
Copy link
Member

@climba03003 climba03003 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but please wait for one more approval before merging.

@Fdawgs Fdawgs requested a review from a team February 24, 2025 06:02
jean-michelet
jean-michelet reviewed Feb 24, 2025
View reviewed changes
README.md
@@ -63,7 +63,7 @@ You can use it as is without passing any option or you can configure it as expla
cb(new Error("Not allowed"), false)
}
```
* `methods`: Configures the **Access-Control-Allow-Methods** CORS header. Expects a comma-delimited string (e.g., 'GET,PUT,POST') or an array (e.g., `['GET', 'PUT', 'POST']`). Default: `GET,HEAD,PUT,PATCH,POST,DELETE`.
* `methods`: Configures the **Access-Control-Allow-Methods** CORS header. Expects a comma-delimited string (e.g., 'GET,PUT,POST') or an array (e.g., `['GET', 'PUT', 'POST']`). Default: `GET,HEAD,PUT`.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't we add some explanations and a link to the specification?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jean-michelet jean-michelet jean-michelet left review comments

@climba03003 climba03003 climba03003 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Change default for methods option value to safe values
3 participants
@Fdawgs @climba03003 @jean-michelet