diff --git a/src/resources/api.ts b/src/resources/api.ts index 5c25ad85..95c84c90 100644 --- a/src/resources/api.ts +++ b/src/resources/api.ts @@ -348,15 +348,6 @@ interface ApiDetails { url: string; } -const defaultCorsOptions: CorsOptions = { - allowOrigins: ['*'], - allowHeaders: ['Content-Type', 'Authorization'], - allowMethods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'], - allowCredentials: false, - exposeHeaders: [], - maxAge: '300 seconds', -}; - /** * API Resource * @@ -423,11 +414,6 @@ export class Api extends Base { middleware: [...this.middleware, ...routeMiddleware], }); - if (this.cors && !this.routes.some((rr) => rr.path === r.path)) { - // register options handler - r.options([]); - } - this.routes.push(r); return r; @@ -604,10 +590,7 @@ export class Api extends Base { } if (cors) { - const corsConfig = { - ...defaultCorsOptions, - ...(typeof cors === 'object' ? cors : undefined), - }; + const corsConfig = typeof cors === 'object' ? cors : {}; const corsDef = new ApiCorsDefinition(); corsDef.setAllowcredentials(corsConfig.allowCredentials); @@ -615,7 +598,9 @@ export class Api extends Base { corsDef.setAllowheadersList(corsConfig.allowHeaders); corsDef.setAllowmethodsList(corsConfig.allowMethods); corsDef.setExposeheadersList(corsConfig.exposeHeaders); - corsDef.setMaxage(durationToSeconds(corsConfig.maxAge)); + corsDef.setMaxage( + corsConfig.maxAge ? durationToSeconds(corsConfig.maxAge) : undefined + ); apiResource.setCors(corsDef); }