MCPcopy
hub / github.com/webpack/webpack-dev-server / isUserCORSWildcardEnabled

Method isUserCORSWildcardEnabled

lib/Server.js:3145–3185  ·  view source on GitHub ↗

* @private * @returns {boolean} true when the user has configured a wildcard * Access-Control-Allow-Origin header (opting into fully open cross-origin access)

()

Source from the content-addressed store, hash-verified

3143 * Access-Control-Allow-Origin header (opting into fully open cross-origin access)
3144 */
3145 isUserCORSWildcardEnabled() {
3146 const { headers } = this.options;
3147
3148 if (!headers) {
3149 return false;
3150 }
3151
3152 if (typeof headers === "function") {
3153 return false;
3154 }
3155
3156 /**
3157 * @param {string | string[]} value header value
3158 * @returns {boolean} true when value is the "*" wildcard
3159 */
3160 const isWildcard = (value) => {
3161 if (typeof value === "string") {
3162 return value.trim() === "*";
3163 }
3164
3165 if (Array.isArray(value)) {
3166 return value.length === 1 && isWildcard(value[0]);
3167 }
3168
3169 return false;
3170 };
3171
3172 if (Array.isArray(headers)) {
3173 return headers.some(
3174 (header) =>
3175 header.key.toLowerCase() === "access-control-allow-origin" &&
3176 isWildcard(header.value),
3177 );
3178 }
3179
3180 return Object.entries(headers).some(
3181 ([key, value]) =>
3182 key.toLowerCase() === "access-control-allow-origin" &&
3183 isWildcard(value),
3184 );
3185 }
3186
3187 /**
3188 * @private

Callers 1

setupMiddlewaresMethod · 0.95

Calls

no outgoing calls

Tested by

no test coverage detected