-
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathcors-proxy.js
47 lines (41 loc) · 1.39 KB
/
cors-proxy.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
/**
* A simple CORS proxy, for accessing API services which aren't CORS-enabled.
* Receives requests from frontend, applies correct access control headers,
* makes request to endpoint, then responds to the frontend with the response
*/
const axios = require('axios');
module.exports = (req, res) => {
// Apply allow-all response headers
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET, PUT, PATCH, POST, DELETE');
if (req.header('access-control-request-headers')) {
res.header('Access-Control-Allow-Headers', req.header('access-control-request-headers'));
}
// Pre-flight
if (req.method === 'OPTIONS') {
res.send();
return;
}
// Get desired URL, from Target-URL header
const targetURL = req.header('Target-URL');
if (!targetURL) {
res.status(500).send({ error: 'There is no Target-Endpoint header in the request' });
return;
}
// Apply any custom headers, if needed
const headers = req.header('CustomHeaders') ? JSON.parse(req.header('CustomHeaders')) : {};
// Prepare the request
const requestConfig = {
method: req.method,
url: targetURL,
json: req.body,
headers,
};
// Make the request, and respond with result
axios.request(requestConfig)
.then((response) => {
res.status(200).send(response.data);
}).catch((error) => {
res.status(500).send({ error });
});
};