fix: cors preflight

src/index.js

@@ -1,11 +1,13 @@
 import { Router } from 'itty-router';
 import { genErrorResponse, ResError } from './response';
+import { withCORS } from './middlewares';
 import * as index from './routes/index';
 import * as favicon from './routes/favicon';
 import * as image from './routes/image';
 import * as api from './routes/api';
 
 const router = Router();
+router.options('*', withCORS);
 
 // routes
 router.get('/', index.get);

src/middlewares.js

@@ -0,0 +1,26 @@
+/**
+ * @param {Request} req
+ */
+export async function withCORS(req) {
+  const origin = req.headers.get('Origin');
+  const methods = req.headers.get('Access-Control-Request-Method');
+  const _headers = req.headers.get('Access-Control-Request-Headers');
+
+  const headers = {
+    'Access-Control-Allow-Origin': '*',
+    'Access-Control-Expose-Headers': '*',
+    'Access-Control-Allow-Methods': methods,
+    'Access-Control-Max-Age': '86400',
+    'Cache-Control': 'public, max-age=86400',
+  };
+  if (_headers) {
+    headers['Access-Control-Allow-Headers'] = _headers;
+  }
+
+  if (origin && methods) {
+    return new Response(null, {
+      status: 204,
+      headers,
+    });
+  }
+}

src/response.js

@@ -17,6 +17,7 @@ export async function genResponse(req, body, init) {
       status: 304,
       headers: {
         'Access-Control-Allow-Origin': '*',
+        'Access-Control-Expose-Headers': '*',
         'Cache-Control': init.headers['Cache-Control'] || 'no-cache',
         ETag: etag,
         'X-Response-Time': `${Date.now() - req.time}ms`,
@@ -26,6 +27,7 @@ export async function genResponse(req, body, init) {
   // 200
   const res = new Response(body, init);
   res.headers.set('Access-Control-Allow-Origin', '*');
+  res.headers.set('Access-Control-Expose-Headers', '*');
   if (!init.headers['Cache-Control']) {
     res.headers.set('Cache-Control', 'no-cache');
   }
@@ -57,6 +59,7 @@ export async function genProxyResponse(req, event, proxy) {
       status: 304,
       headers: {
         'Access-Control-Allow-Origin': '*',
+        'Access-Control-Expose-Headers': '*',
         'Cache-Control': resCache.headers.get('Cache-Control'),
         ETag: etag,
         'X-Proxy-Cache': 'HIT',
@@ -67,6 +70,7 @@ export async function genProxyResponse(req, event, proxy) {
   // normal response
   const res = new Response(resCache.body, resCache);
   res.headers.set('Access-Control-Allow-Origin', '*');
+  res.headers.set('Access-Control-Expose-Headers', '*');
   res.headers.set('X-Proxy-Cache', usingCache ? 'HIT' : 'MISS');
   res.headers.set('X-Response-Time', `${Date.now() - req.time}ms`);
   return res;
@@ -94,6 +98,7 @@ export class ResError extends Error {
 export function genErrorResponse(req, e) {
   const headers = {
     'Access-Control-Allow-Origin': '*',
+    'Access-Control-Expose-Headers': '*',
     'Content-Type': 'text/plain',
     'Cache-Control': 'no-cache',
     'X-Response-Time': `${Date.now() - req.time}ms`,

src/routes/index.js

@@ -7,7 +7,7 @@ export async function get(req) {
   return await genResponse(req, null, {
     status: 301,
     headers: {
-      Location: 'https://github.com/dsrkafuu/moe-counter#readme',
+      Location: 'https://github.com/dsrkafuu/moe-counter-cf#readme',
       'Cache-Control': 'public, max-age=86400',
     },
   });