SyntaxFix

[javascript] How can I set response header on express.js assets

I need to set CORS to be enabled on scripts served by express. How can I set the headers in these returned responses for public/assets?

This question is related to javascript node.js express

The answer is

There is at least one middleware on npm for handling CORS in Express: cors.

@klode's answer is right.

However, you are supposed to set another response header to make your header accessible to others.

Example:

First, you add 'page-size' in response header

response.set('page-size', 20);

Then, all you need to do is expose your header

response.set('Access-Control-Expose-Headers', 'page-size')

_x000D_
_x000D_ 
service.use(function(req, res, next) {_x000D_
    res.header("Access-Control-Allow-Origin", "*");_x000D_
    res.header("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS,POST,PUT");_x000D_
    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization");_x000D_
    next();_x000D_
  });
_x000D_
_x000D_
_x000D_

Short Answer:

  • res.setHeaders - calls the native Node.js method

  • res.set - sets headers

  • res.headers - an alias to res.set

You can do this by using cors. cors will handle your CORS response

var cors = require('cors')

app.use(cors());

This is so annoying.

Okay if anyone is still having issues or just doesn't want to add another library. All you have to do is place this middle ware line of code before your routes.

Cors Example

app.use((req, res, next) => {
    res.append('Access-Control-Allow-Origin', ['*']);
    res.append('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
    res.append('Access-Control-Allow-Headers', 'Content-Type');
    next();
});

// Express routes
app.get('/api/examples', (req, res)=> {...});

You can also add a middleware to add CORS headers, something like this would work:

/**
 * Adds CORS headers to the response
 *
 * {@link https://en.wikipedia.org/wiki/Cross-origin_resource_sharing}
 * {@link http://expressjs.com/en/4x/api.html#res.set}
 * @param {object} request the Request object
 * @param {object} response the Response object
 * @param {function} next function to continue execution
 * @returns {void}
 * @example
 * <code>
 * const express = require('express');
 * const corsHeaders = require('./middleware/cors-headers');
 *
 * const app = express();
 * app.use(corsHeaders);
 * </code>
 */
module.exports = (request, response, next) => {
    // http://expressjs.com/en/4x/api.html#res.set
    response.set({
        'Access-Control-Allow-Origin': '*',
        'Access-Control-Allow-Methods': 'DELETE,GET,PATCH,POST,PUT',
        'Access-Control-Allow-Headers': 'Content-Type,Authorization'
    });

    // intercept OPTIONS method
    if(request.method === 'OPTIONS') {
        response.send(200);
    } else {
        next();
    }
};

Source: Stackoverflow.com

Examples related to javascript

need to add a class to an element How to make a variable accessible outside a function? Hide Signs that Meteor.js was Used How to create a showdown.js markdown extension Please help me convert this script to a simple image slider Highlight Anchor Links when user manually scrolls? Summing radio input values How to execute an action before close metro app WinJS javascript, for loop defines a dynamic variable name Getting all files in directory with ajax

Examples related to node.js

Hide Signs that Meteor.js was Used Querying date field in MongoDB with Mongoose SyntaxError: Cannot use import statement outside a module Server Discovery And Monitoring engine is deprecated How to fix ReferenceError: primordials is not defined in node UnhandledPromiseRejectionWarning: This error originated either by throwing inside of an async function without a catch block dyld: Library not loaded: /usr/local/opt/icu4c/lib/libicui18n.62.dylib error running php after installing node with brew on Mac internal/modules/cjs/loader.js:582 throw err DeprecationWarning: Buffer() is deprecated due to security and usability issues when I move my script to another server Please run `npm cache clean`

Examples related to express

UnhandledPromiseRejectionWarning: This error originated either by throwing inside of an async function without a catch block jwt check if token expired Avoid "current URL string parser is deprecated" warning by setting useNewUrlParser to true MongoNetworkError: failed to connect to server [localhost:27017] on first connect [MongoNetworkError: connect ECONNREFUSED 127.0.0.1:27017] npm notice created a lockfile as package-lock.json. You should commit this file Make Axios send cookies in its requests automatically What does body-parser do with express? SyntaxError: Unexpected token function - Async Await Nodejs Route.get() requires callback functions but got a "object Undefined" How to redirect to another page in node.js

Tags

Msysgit Associate Requiressl Exif File-import Gesturedetector Detection Directx-9 Sigabrt Flexigrid Python-2.5 Radscheduler Casting System.transactions Instant-messaging Platform-agnostic Google-instant-previews Outgoing-mail Key-value Reorganize Mozilla-prism Google-doodle Nsmutablestring Android-monkey Custom-server-controls Sha512 Master-detail Wms Export-to-csv Coclass Mindmapping Nsobject Ksoap2 Illegalmonitorstateexcep Functional-programming Reset-button Worker Imageview Jts Spoof Android-gallery Tablesorter String-split Dbtable Transactional-memory Emulation Process-management Panoramio Launchd Wadl Sax Design-principles Generative-programming Timer-jobs Controlcollection Php-mode Parental-control Mojoportal Database-administration Er-diagrams Mouse-coordinates Convolution Gmock Xaf Minifilter Cookie-path Over-clause Proj Attach-to-process Oracle-spatial Livedocx Jdbcrealm Pysolr Defunct Aesthetics Nitrogen Multimedia Tribool Snoopy Ruby-prof Installation Odp Webby Source-server Google-apps-for-education Directory-walk Cursor.current Integrated-security Role Rtm Handles Freeglut Devserver Mamp Permalink-fu Fieldmanager Minidump Xlrd Shop Pabx