I have a few static pages served with Express.JS. The setup is easy:
var app = express(); app.configure(function(){ app.use(express.static(path.join(application_root, "StaticPages"))); app.use(express.errorHandler({ dumpExceptions: true, showStack: true })); });
I want the response to include an addittional http header (Access-Control-Allow-Origin:*). Where should it be placed? I tried the below sample, but of course the header appears only on the default page:
app.get('/', function(req, res){ res.setHeader("Access-Control-Allow-Origin", "*"); res.send('Hello World'); });
Thanks.
Use an array of strings here to send multiple headers with the same name. Non-string values will be stored without modification. Therefore, response. getHeader() may return non-string values.
Another example of using a custom HTTP header would be to implement the X-Pull header. You can use this custom header for a variety of purposes including rate limiting bandwidth on your origin server, restricting CDN traffic, creating custom logic on your origin server, etc.
Express. js use different kinds of middleware functions in order to complete the different requests made by the client for e.g. client can make get, put, post, and delete requests these requests can easily handle by these middleware functions.
I tried the below sample, but of course the header appears only on the default page
Yes, that is because you defined it just for the GET /
route and not for the other paths. You should use a middleware instead.
If you wish to set the header for all requests:
app.configure(function(){ app.use(function(req, res, next) { res.setHeader("Access-Control-Allow-Origin", "*"); return next(); }); app.use(express.static(path.join(application_root, "StaticPages"))); app.use(express.errorHandler({ dumpExceptions: true, showStack: true })); });
If you just want to do it for the static folders, there is no general method. You can probably change the express.static(which comes from connect.static). Another way to do it is to match urls and set the header if the url is matched.
app.configure(function(){ app.use(function(req, res, next) { var matchUrl = '/StaticFolder'; if(req.url.substring(0, matchUrl.length) === matchUrl) { res.setHeader("Access-Control-Allow-Origin", "*"); } return next(); }); app.use(express.static(path.join(application_root, "StaticPages"))); app.use(express.errorHandler({ dumpExceptions: true, showStack: true })); });
NOTE: that the middleware need to be before the routes to make effect, in other words you can't put the middleware after the static middleware.
Another way :
app.use(express.static( path.join(application_root, "StaticPages"), { setHeaders: (res) => { res.setHeader('Access-Control-Allow-Origin', '*') } } ))
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With