Abstracted/exposed the allowPreflight method.

README.md

@@ -41,6 +41,7 @@ const server = app.listen(() => console.log('Server is running.'))
 - [allowHeaders('Origin', 'X-Requested-With')](#allowheadersorigin-x-requested-with)
 - [allowMethods('GET', 'POST', 'OPTIONS')](#allowmethodsget-post-options)
 - [allowOrigins('a.domain.com', 'b.domain.com')](#alloworiginsadomaincom-bdomaincom)
+- [allowPreflight()](#allowpreflight)
 
 ### [Responses](#Responses)
 - [200](#200)
@@ -65,6 +66,7 @@ const server = app.listen(() => console.log('Server is running.'))
 - [applyBaseUrl (req, route = '/' [, forceTLS = false])](#applybaseurl-req-route---forcetls--false)
 - [applyRelativeUrl (req, route = '/' [, forceTLS = false])](#applyrelativeurl-req-route---forcetls--false)
 - [errorType](#errorType)
+- [commonHeaders](#commonHeaders)
 
 ## Middleware
 
@@ -353,6 +355,11 @@ This can also be applied to all requests:
 ```javascript
 app.use(API.allowOrigins('a.domain.com', 'b.domain.com'))
 ```
+
+## allowPreflight
+
+This middleware responds to `OPTIONS` requests with a `200 OK` response. This method is useful because it automatically applies the appropriate CORS configurations to support any request headers submitted to the endpoint.
+
 ---
 
 ## Responses
@@ -646,3 +653,9 @@ If JSON is needed, set the errorType to `json`.
 ```javascript
 API.errorType = 'json'
 ```
+
+### commonHeaders
+
+This is an array of the most common request headers used by HTTP clients. This is useful when constructing your own list of CORS headers using the `allowHeaders` method.
+
+Headers include: `Origin`, `X-Requested-With`, `Content-Type`, and `Accept`. This list may be updated from time to time.

index.js

@@ -28,13 +28,20 @@ const getRandomValues = buf => {
   return buf
 }
 
+function priv (value) {
+  return { enumerable: false, writable: true, configurable: false, value }
+}
+
+const ERROR_TYPES = new Set(['json', 'text'])
+const COMMON_HEADERS = new Set(['Origin', 'X-Requested-With', 'Content-Type', 'Accept'])
+
 class Endpoint {
   constructor () {
-    Object.defineProperty(this, '__errorType', {
-      enumerable: false,
-      writable: true,
-      configurable: false,
-      value: 'text'
+    Object.defineProperties(this, {
+      __errorType: priv('text')
+      // __allowedMethods: priv(new Set()),
+      // __allowedHeaders: priv(new Set()),
+      // __allowedOrigins: priv(new Set())
     })
 
     // Add all known HTTP statuses
@@ -57,13 +64,17 @@ class Endpoint {
 
   set errorType (value) {
     value = (value || 'text').trim().toLowerCase()
-    if (['json', 'text'].indexOf(value) < 0) {
+    if (!ERROR_TYPES.has(value)) {
       value = 'text'
     }
 
     this.__errorType = value
   }
 
+  get commonHeaders () {
+    return Array.from(COMMON_HEADERS)
+  }
+
   // Last argument must be a callback.
   validateJsonBody () {
     let args = Array.from(arguments)
@@ -273,7 +284,7 @@ class Endpoint {
   }
 
   log (req, res, next) {
-    console.log(chalk.gray(`${(new Date()).toLocaleTimeString()}: `) + Endpoint.color(req.method)(req.method) + chalk.gray(` ${req.url}`))
+    console.log(chalk.dim(`${(new Date()).toLocaleTimeString()}: `) + Endpoint.color(req.method)(req.method) + chalk.dim(` ${req.url}`))
     next()
   }
 
@@ -351,10 +362,16 @@ class Endpoint {
 
     app.use((req, res, next) => {
       this.allowOrigins(host)(req, res)
-      this.allowHeaders('Origin', 'X-Requested-With', 'Content-Type', 'Accept')(req, res)
+      this.allowHeaders(...this.commonHeaders)(req, res)
       this.allowMethods('GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS')(req, res)
 
       // Support preflight requests
+      this.allowPreflight(req, res, next)
+    })
+  }
+
+  allowPreflight () {
+    return (req, res, next) => {
       if (req.method.toUpperCase() === 'OPTIONS') {
         if (req.headers['access-control-request-headers']) {
           this.allowHeaders(...req.headers['access-control-request-headers'].split(','))(req, res)
@@ -364,7 +381,7 @@ class Endpoint {
       }
 
       next()
-    })
+    }
   }
 
   allowMethods () {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@butlerlogic/common-api",
-  "version": "1.5.2",
+  "version": "1.5.3",
   "description": "An API engineering productivity kit for Express.",
   "main": "index.js",
   "scripts": {