Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Send additional http headers with Express.JS

I have a few static pages served with Express.JS. The setup is easy:

var app = express();  app.configure(function(){   app.use(express.static(path.join(application_root, "StaticPages")));   app.use(express.errorHandler({ dumpExceptions: true, showStack: true })); }); 

I want the response to include an addittional http header (Access-Control-Allow-Origin:*). Where should it be placed? I tried the below sample, but of course the header appears only on the default page:

app.get('/', function(req, res){   res.setHeader("Access-Control-Allow-Origin", "*");   res.send('Hello World'); }); 

Thanks.

like image 442
csg Avatar asked Jan 05 '13 12:01

csg


People also ask

How do I set multiple headers in node JS?

Use an array of strings here to send multiple headers with the same name. Non-string values will be stored without modification. Therefore, response. getHeader() may return non-string values.

Can you add custom HTTP headers?

Another example of using a custom HTTP header would be to implement the X-Pull header. You can use this custom header for a variety of purposes including rate limiting bandwidth on your origin server, restricting CDN traffic, creating custom logic on your origin server, etc.

Can Express handle multiple requests?

Express. js use different kinds of middleware functions in order to complete the different requests made by the client for e.g. client can make get, put, post, and delete requests these requests can easily handle by these middleware functions.


2 Answers

I tried the below sample, but of course the header appears only on the default page

Yes, that is because you defined it just for the GET / route and not for the other paths. You should use a middleware instead.

If you wish to set the header for all requests:

app.configure(function(){   app.use(function(req, res, next) {     res.setHeader("Access-Control-Allow-Origin", "*");     return next();   });   app.use(express.static(path.join(application_root, "StaticPages")));   app.use(express.errorHandler({ dumpExceptions: true, showStack: true })); }); 

If you just want to do it for the static folders, there is no general method. You can probably change the express.static(which comes from connect.static). Another way to do it is to match urls and set the header if the url is matched.

app.configure(function(){   app.use(function(req, res, next) {     var matchUrl = '/StaticFolder';     if(req.url.substring(0, matchUrl.length) === matchUrl) {       res.setHeader("Access-Control-Allow-Origin", "*");     }     return next();   });   app.use(express.static(path.join(application_root, "StaticPages")));   app.use(express.errorHandler({ dumpExceptions: true, showStack: true })); }); 

NOTE: that the middleware need to be before the routes to make effect, in other words you can't put the middleware after the static middleware.

like image 177
Mattias Avatar answered Sep 19 '22 17:09

Mattias


Another way :

app.use(express.static(     path.join(application_root, "StaticPages"),     {         setHeaders: (res) => {             res.setHeader('Access-Control-Allow-Origin', '*')         }     } )) 
like image 45
David Casier Avatar answered Sep 17 '22 17:09

David Casier