{"library":"restify-cors-middleware","title":"Restify CORS Middleware","description":"restify-cors-middleware is a library providing W3C-compliant Cross-Origin Resource Sharing (CORS) middleware specifically designed for Restify servers. The current stable version is 1.1.1. This library offers robust control over allowed origins, headers, and preflight requests. Key differentiators include its dynamic handling of `Access-Control-Allow-Origin` by returning the matched origin rather than a simple wildcard, which enhances security. It supports flexible origin specification using strings, wildcards, and regular expressions. The package maintains compatibility with a broad range of Restify versions (2.6.x - 7.x.x) through its peer dependency. While a specific release cadence isn't documented, historical releases show updates addressing security concerns, such as the upgrade to Restify 4.1.x to fix a `negotiator` module vulnerability in version 0.0.7. It is predominantly used in CommonJS environments.","language":"javascript","status":"active","last_verified":"Thu Apr 23","install":{"commands":["npm install restify-cors-middleware"],"cli":null},"imports":["const corsMiddleware = require('restify-cors-middleware')"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"const restify = require('restify');\nconst corsMiddleware = require('restify-cors-middleware');\n\nconst server = restify.createServer({\n  name: 'my-restify-app'\n});\n\nconst cors = corsMiddleware({\n  preflightMaxAge: 5, // Optional: cache preflight responses for 5 seconds\n  origins: [\n    'http://localhost:3000', // Example allowed client origin\n    'http://myfrontend.com',\n    /^https?:\\/\\/staging\\.myfrontend\\.com(:[\\d]+)?$/ // Regex for staging environment\n  ],\n  allowHeaders: ['API-Token', 'X-Requested-With'], // Headers client is allowed to send\n  exposeHeaders: ['API-Token-Expiry', 'X-Custom-Header'] // Headers client is allowed to read\n});\n\nserver.pre(cors.preflight); // Handle preflight OPTIONS requests before routing\nserver.use(cors.actual);    // Handle actual CORS requests and apply headers\n\nserver.get('/hello', (req, res, next) => {\n  res.send({ message: 'Hello from Restify!' });\n  return next();\n});\n\nserver.listen(8080, () => {\n  console.log('%s listening at %s', server.name, server.url);\n});","lang":"javascript","description":"This code sets up a basic Restify server with CORS protection, configuring allowed origins, headers, and demonstrating how to apply the preflight and actual CORS middleware.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}