CORS

Use the cors utility method to create a middleware for setting CORS headers:

import { cors } from '@bit-js/byte';

app.prepare(cors());

If an option object is not passed in, Access-Control-Allow-Origin header will be set to *;

The options include:

interface CORSOptions {
    // Set 'Access-Control-Allow-Origin' header
    // Set the 'Vary' header to 'Origin' if only one origin is allowed
    allowOrigin?: string;

    // Set 'Access-Control-Allow-Methods' header
    allowMethods?: string | string[];

    // Set 'Access-Control-Expose-Headers' header
    exposeHeaders?: Values;

    // Set 'Access-Control-Max-Age' header
    maxAge?: number;

    // Set 'Access-Control-Allow-Credentials' header
    allowCredentials?: boolean;

    // Set 'Access-Control-Allow-Headers' header
    allowHeaders?: Values;
}

For allowing multiple origins see CSRF utility.