crossDomain function

Callback crossDomain({

String permitted = 'none',

})

The X-Permitted-Cross-Domain-Policies header tells some web clients (like Adobe Flash or Adobe Acrobat) your domain's policy for loading cross-domain content.

// Sets X-Permitted-Cross-Domain-Policies: none
app.use(crossDomain());

// You can use any of the following values:
app.use(crossDomain({ permitted: 'none' }));
app.use(crossDomain({ permitted: 'master-only' }));
app.use(crossDomain({ permitted: 'by-content-type' }));
app.use(crossDomain({ permitted: 'all' }));

Implementation

Callback crossDomain({String permitted = 'none'}) {
  List<String> allowed = [
    'none',
    'master-only',
    'by-content-type',
    'all',
  ];

  return (Req req, Res res) {
    String value = allowed.contains(permitted) ? permitted : 'none';
    res.set('X-Permitted-Cross-Domain-Policies', value);
  };
}

crossDomain function

Implementation

lucifer library