setCORS method
void
setCORS(})
Sets the CORS
(Cross-origin Resource Sharing) headers of this response.
Implementation
void setCORS(APIRequest request,
{bool allowCredentials = true,
List<String>? allowMethods,
List<String>? allowHeaders,
List<String>? exposeHeaders}) {
var origin = request.origin;
var localhost = false;
if (origin.isEmpty) {
headers["Access-Control-Allow-Origin"] = "*";
} else {
headers["Access-Control-Allow-Origin"] = origin;
if (origin.contains("://localhost:") ||
origin.contains("://127.0.0.1:") ||
origin.contains("://::1")) {
localhost = true;
}
}
headers["Access-Control-Allow-Methods"] =
allowMethods?.join(',') ?? 'GET,HEAD,PUT,POST,PATCH,DELETE,OPTIONS';
headers["Access-Control-Allow-Credentials"] =
allowCredentials ? 'true' : 'false';
if (localhost) {
headers["Access-Control-Allow-Headers"] = allowHeaders?.join(', ') ??
'Content-Type, Access-Control-Allow-Headers, Authorization, x-ijt';
} else {
headers["Access-Control-Allow-Headers"] = allowHeaders?.join(', ') ??
'Content-Type, Access-Control-Allow-Headers, Authorization';
}
headers["Access-Control-Expose-Headers"] =
exposeHeaders?.join(', ') ?? APIResponse.exposeHeaders;
}