joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adds exposed headers to avoid issue in JS SDK (#4934)

Browse Source 
* Adds exposed headers to avoid issue in JS SDK

* Adds test for headers
This commit is contained in:
Florent Vilmart
2018-08-07 11:13:15 -04:00
committed by GitHub
parent ff25ae254d
commit a021fef830
2 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
spec/Middlewares.spec.js
View File

@@ -290,4 +290,16 @@ describe('middlewares', () => {
middlewares.handleParseHeaders(fakeReq, fakeRes); middlewares.handleParseHeaders(fakeReq, fakeRes);
expect(fakeRes.status).toHaveBeenCalledWith(403); expect(fakeRes.status).toHaveBeenCalledWith(403);
}); });
it('should properly expose the headers', () => {
const headers = {};
const res = {
header: (key, value) => {
headers[key] = value
}
};
middlewares.allowCrossDomain({}, res, () => {});
expect(Object.keys(headers).length).toBe(4);
expect(headers['Access-Control-Expose-Headers']).toBe('X-Parse-Job-Status-Id, X-Parse-Push-Status-Id');
});
}); });

2
src/middlewares.js
View File

@@ -247,7 +247,7 @@ export function allowCrossDomain(req, res, next) {
res.header('Access-Control-Allow-Origin', '*'); res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS'); res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
res.header('Access-Control-Allow-Headers', 'X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, Content-Type'); res.header('Access-Control-Allow-Headers', 'X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, Content-Type');
res.header('Access-Control-Expose-Headers', 'X-Parse-Job-Status-Id, X-Parse-Push-Status-Id');
// intercept OPTIONS method // intercept OPTIONS method
if ('OPTIONS' == req.method) { if ('OPTIONS' == req.method) {
res.sendStatus(200); res.sendStatus(200);