ritwickdey · November 21, 2018 06:14
diff --git a/cors.js b/cors.js
 const express = require('express');
 const app = express();

 //CORS Setup
 app.use((req, res, next) => {
  res.header('Access-Control-Allow-Origin', '*'); // Allowed Origins. 
  res.header('Access-Control-Allow-Headers', '*'); // Allowed Headers. 
  res.header('Access-Control-Expose-Headers', 'token'); // Exposed Headers - means client only can access those headers. 

  if (req.method === 'OPTIONS') {
    res.header('Access-Control-Allow-Methods', 'PUT, POST, PATCH, DELETE'); // Allowed Methods. 
    res.header('Access-Control-Max-Age', 5 * 24 * 60 * 60); //5 days... But Chrome will take its MAX value.  :D
    return res.status(200).json({});
  }
  next();
 });
	const express = require('express');
	const app = express();

	//CORS Setup
	app.use((req, res, next) => {
	res.header('Access-Control-Allow-Origin', '*'); // Allowed Origins.
	res.header('Access-Control-Allow-Headers', '*'); // Allowed Headers.
	res.header('Access-Control-Expose-Headers', 'token'); // Exposed Headers - means client only can access those headers.

	if (req.method === 'OPTIONS') {
	res.header('Access-Control-Allow-Methods', 'PUT, POST, PATCH, DELETE'); // Allowed Methods.
	res.header('Access-Control-Max-Age', 5 * 24 * 60 * 60); //5 days... But Chrome will take its MAX value. :D
	return res.status(200).json({});
	}
	next();
	});