setCORS method

void setCORS(

APIRequest request, {
bool allowCredentials = true,
List<String>? allowMethods,
List<String>? allowHeaders,
List<String>? exposeHeaders,

})

Sets the CORS (Cross-origin Resource Sharing) headers of this response.

Implementation

void setCORS(APIRequest request,
    {bool allowCredentials = true,
    List<String>? allowMethods,
    List<String>? allowHeaders,
    List<String>? exposeHeaders}) {
  var origin = request.origin;

  var localhost = false;

  if (origin.isEmpty) {
    headers["Access-Control-Allow-Origin"] = "*";
  } else {
    headers["Access-Control-Allow-Origin"] = origin;

    if (origin.contains("://localhost:") ||
        origin.contains("://127.0.0.1:") ||
        origin.contains("://::1")) {
      localhost = true;
    }
  }

  headers["Access-Control-Allow-Methods"] =
      allowMethods?.join(',') ?? 'GET,HEAD,PUT,POST,PATCH,DELETE,OPTIONS';

  headers["Access-Control-Allow-Credentials"] =
      allowCredentials ? 'true' : 'false';

  if (localhost) {
    headers["Access-Control-Allow-Headers"] = allowHeaders?.join(', ') ??
        'Content-Type, Access-Control-Allow-Headers, Authorization, x-ijt';
  } else {
    headers["Access-Control-Allow-Headers"] = allowHeaders?.join(', ') ??
        'Content-Type, Access-Control-Allow-Headers, Authorization';
  }

  headers["Access-Control-Expose-Headers"] =
      exposeHeaders?.join(', ') ?? APIResponse.exposeHeaders;
}

setCORS method

Implementation

APIResponse class