Update micro-cors

Author: DeltaEvo

micro-cors.js

@@ -20,43 +20,27 @@ const DEFAULT_ALLOW_HEADERS = [
 
 const DEFAULT_MAX_AGE_SECONDS = 60 * 60 * 24 // 24 hours
 
-const cors = options => handler => (req, res, ...restArgs) => {
+const cors = (options = {}) => handler => (req, res, ...restArgs) => {
   const {
-    maxAge,
-    origin,
-    allowHeaders,
-    exposeHeaders,
-    allowMethods
-  } = (options || {})
-
-  res.setHeader(
-    'Access-Control-Max-Age',
-    '' + (maxAge || DEFAULT_MAX_AGE_SECONDS)
-  )
-
-  res.setHeader(
-    'Access-Control-Allow-Origin',
-    (origin || '*')
-  )
-
-  res.setHeader(
-    'Access-Control-Allow-Methods',
-    (allowMethods || DEFAULT_ALLOW_METHODS).join(',')
-  )
-
-  res.setHeader(
-    'Access-Control-Allow-Headers',
-    (allowHeaders || DEFAULT_ALLOW_HEADERS).join(',')
-  )
-
-  if (exposeHeaders && exposeHeaders.length) {
-    res.setHeader(
-      'Access-Control-Expose-Headers',
-      exposeHeaders.join(',')
-    )
+    origin = '*',
+    maxAge = DEFAULT_MAX_AGE_SECONDS,
+    allowMethods = DEFAULT_ALLOW_METHODS,
+    allowHeaders = DEFAULT_ALLOW_HEADERS,
+    exposeHeaders = []
+  } = options
+
+  res.setHeader('Access-Control-Allow-Origin', origin)
+  res.setHeader('Access-Control-Allow-Credentials', 'true')
+  if (exposeHeaders.length) {
+    res.setHeader('Access-Control-Expose-Headers', exposeHeaders.join(','))
   }
 
-  res.setHeader('Access-Control-Allow-Credentials', 'true')
+  const preFlight = req.method === 'OPTIONS'
+  if (preFlight) {
+    res.setHeader('Access-Control-Allow-Methods', allowMethods.join(','))
+    res.setHeader('Access-Control-Allow-Headers', allowHeaders.join(','))
+    res.setHeader('Access-Control-Max-Age', String(maxAge))
+  }
 
   return handler(req, res, ...restArgs)
 }