{"library":"restify-cors-middleware2","title":"Restify CORS Middleware 2","description":"restify-cors-middleware2 is a specialized CORS (Cross-Origin Resource Sharing) middleware designed for use with Restify servers, providing full compliance with the W3C CORS specification. The package, currently at version 2.2.1, offers robust features for handling preflight requests and actual requests, with advanced capabilities for defining allowed origins using strings, wildcards, and regular expressions. A key differentiator is its enhanced security posture, where it dynamically sets the `Access-Control-Allow-Origin` header to the matching origin, rather than a broad wildcard, preventing information leakage about other supported domains. It also clearly documents potential security implications of using `origins: ['*']`. This middleware is a successor to an earlier `restify-cors-middleware` package, indicating updates and potential breaking changes from its predecessor. It includes TypeScript declaration files, facilitating its use in TypeScript projects. The release cadence is moderate, with stable versions released as needed for feature enhancements and bug fixes.","language":"javascript","status":"active","last_verified":"Thu Apr 23","install":{"commands":["npm install restify-cors-middleware2"],"cli":null},"imports":["const corsMiddleware = require('restify-cors-middleware2');","import corsMiddleware from 'restify-cors-middleware2';","import type { CorsOptions } from 'restify-cors-middleware2';"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"const restify = require('restify');\nconst corsMiddleware = require('restify-cors-middleware2');\n\nconst server = restify.createServer({\n  name: 'my-cors-server',\n});\n\nconst cors = corsMiddleware({\n  preflightMaxAge: 5, // Cache preflight response for 5 seconds\n  origins: ['http://localhost:3000', /localhost:\\d+$/], // Allow specific origins, including regex\n  allowHeaders: ['API-Token', 'Authorization', 'Content-Type'], // Custom headers to allow\n  exposeHeaders: ['API-Token-Expiry', 'X-Custom-Header'] // Headers to expose to the client\n});\n\nserver.pre(cors.preflight);\nserver.use(cors.actual);\n\n// Example route\nserver.get('/hello', (req, res, next) => {\n  res.send({ message: 'Hello from Restify!' });\n  return next();\n});\n\nserver.listen(8080, () => {\n  console.log('%s listening at %s', server.name, server.url);\n});","lang":"javascript","description":"This quickstart demonstrates how to set up `restify-cors-middleware2` with a basic Restify server, configuring preflight caching, specific allowed origins (including a regex for localhost), and custom headers.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}