_matchesValue - compare two values to determine if they match * @param {string} allowedValue - an allowed value in a CORS rule; * may contain wildcards * @param {string} value - value from CORS request * @return {boolean} - true/false
(allowedValue, value)
| 5 | * @return {boolean} - true/false |
| 6 | */ |
| 7 | function _matchesValue(allowedValue, value) { |
| 8 | const wildcardIndex = allowedValue.indexOf('*'); |
| 9 | // If no wildcards, simply return whether strings are equal |
| 10 | if (wildcardIndex === -1) { |
| 11 | return allowedValue === value; |
| 12 | } |
| 13 | // Otherwise make sure substrings match expected substrings before |
| 14 | // and after the wildcard |
| 15 | const beginValue = allowedValue.substring(0, wildcardIndex); |
| 16 | const endValue = allowedValue.substring(wildcardIndex + 1); |
| 17 | return (value.startsWith(beginValue) && value.endsWith(endValue)); |
| 18 | } |
| 19 | |
| 20 | /** _matchesOneOf - check if header matches any AllowedHeaders of a rule |
| 21 | * @param {string[]} allowedHeaders - headers allowed in CORS rule |
no outgoing calls
no test coverage detected